info@gwynnsfallswellness.com
(443) 320-2646
1723 Gwynns Falls Pkwy Baltimore, MD 21217

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

1. Information We Collect

We collect personal information you provide directly to us, such as your name, email address, phone number, and any other information you choose to provide. We may also collect information automatically through cookies and similar technologies.

2. How We Use Your Information

  • To provide, maintain, and improve our services
  • To communicate with you about your inquiries
  • To comply with legal obligations

3. Sharing of Information

We do not sell or rent your personal information. We may share information with service providers who assist us in operating our website and conducting our business, as long as those parties agree to keep this information confidential.

4. Data Security

We implement a variety of security measures to maintain the safety of your personal information. However, no method of transmission over the Internet is 100% secure.

5. Protected Health Information and HIPAA Compliance

Lighthouse Behavioral Health Center LLC is committed to protecting your privacy and maintaining the confidentiality of your protected health information (PHI) in full compliance with the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations under 45 CFR Parts 160 and 164.

Verify Approval for www.gwynnsfallswellness.com
LegitScript Certified

5.1 Notice of Privacy Practices

As a covered entity under HIPAA, we are required to maintain the privacy of your protected health information and to provide you with notice of our legal duties and privacy practices. This section serves as our Notice of Privacy Practices as required by 45 CFR 164.520.

5.2 What is Protected Health Information (PHI)?

Protected health information includes any individually identifiable health information that we create, receive, maintain, or transmit in any form (electronic, written, or oral) that relates to:

  • Your past, present, or future physical or mental health condition
  • The provision of health care services to you
  • Payment for health care services provided to you
  • Information that identifies you or could be used to identify you

5.3 How We May Use and Disclose Your PHI

Treatment: We may use and disclose your PHI to provide, coordinate, or manage your addiction treatment and related services. This includes sharing information with physicians, nurses, counselors, peer recovery specialists, case managers, and other clinical staff involved in your care.

Payment: We may use and disclose your PHI to bill and collect payment for treatment and services provided to you. This may include disclosures to your health insurance company, Medicaid, Medicare, or other third-party payers to verify eligibility, obtain prior authorization, and process claims.

Health Care Operations: We may use and disclose your PHI for our health care operations, including quality assessment and improvement activities, credentialing and training of clinical staff, licensing and accreditation activities, business planning, and compliance with regulatory requirements.

5.4 Uses and Disclosures Requiring Your Authorization

Except as described above and in limited circumstances permitted by law, we will not use or disclose your PHI without your written authorization. You have the right to revoke any authorization in writing at any time, except to the extent that we have already taken action in reliance on your authorization.

Special Protections for Substance Use Disorder Treatment Records: Federal law (42 CFR Part 2) provides additional protections for records of substance use disorder diagnosis, treatment, and referral. We will not disclose substance use disorder treatment information without your specific written consent, except as permitted by 42 CFR Part 2, which includes:

  • Medical emergencies
  • Court orders in specific circumstances
  • Research, audit, or program evaluation (with appropriate safeguards)
  • Reporting of crimes committed on program premises or against program personnel
  • Child abuse and neglect reporting as required by state law

5.5 Your Rights Regarding Your PHI

Under HIPAA, you have the following rights with respect to your protected health information:

Right to Access: You have the right to inspect and obtain a copy of your PHI maintained in our designated record set, which includes medical and billing records. To request access, submit a written request to our Privacy Officer. We will respond to your request within 30 days and may charge a reasonable, cost-based fee for copying and mailing.

Right to Request Amendment: If you believe that information in your record is incorrect or incomplete, you may request that we amend the information. We may deny your request in certain circumstances, such as when the information was not created by us or is already accurate and complete.

Right to an Accounting of Disclosures: You have the right to receive an accounting of certain disclosures of your PHI made by us during the six years prior to your request (or a shorter period if requested). This does not include disclosures for treatment, payment, health care operations, or disclosures made with your authorization.

Right to Request Restrictions: You have the right to request restrictions on certain uses and disclosures of your PHI for treatment, payment, or health care operations. We are not required to agree to your request, except in the case where the disclosure is to a health plan for payment or health care operations purposes and the PHI pertains to a service for which you have paid out-of-pocket in full.

Right to Request Confidential Communications: You have the right to request that we communicate with you about your PHI by alternative means or at alternative locations. For example, you may request that we contact you only at a work phone number or by mail at a specific address.

Right to a Paper Copy of This Notice: You have the right to receive a paper copy of this Notice of Privacy Practices upon request, even if you have previously received it electronically.

5.6 Breach Notification

In the event of a breach of your unsecured PHI, we will notify you as required by law. A breach is an impermissible use or disclosure that compromises the security or privacy of your PHI. We will provide notification without unreasonable delay and in no case later than 60 days after discovery of the breach.

5.7 Minimum Necessary Standard

When using or disclosing PHI or when requesting PHI from another covered entity, we make reasonable efforts to limit the information to the minimum necessary to accomplish the intended purpose of the use, disclosure, or request, except when the disclosure is for treatment purposes or is required by law.

5.8 Business Associates

We may disclose your PHI to business associates who perform services on our behalf, such as billing companies, legal consultants, or IT service providers. We require these business associates to sign written agreements (Business Associate Agreements) ensuring they will appropriately safeguard your PHI in accordance with HIPAA requirements.

5.9 Marketing and Fundraising

We will not use or disclose your PHI for marketing purposes without your written authorization. If we engage in fundraising activities, we may use limited demographic information about you, but you have the right to opt out of receiving fundraising communications.

5.10 Our Responsibilities

We are required by law to:

  • Maintain the privacy and security of your protected health information
  • Provide you with this notice of our legal duties and privacy practices
  • Abide by the terms of this notice currently in effect
  • Notify you following a breach of your unsecured PHI
  • Not use or disclose your PHI in ways other than described in this notice without your written authorization

5.11 Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights. To file a complaint with us, contact our Privacy Officer at the address below. You will not be retaliated against for filing a complaint.

Privacy Officer Contact Information:
Lighthouse Behavioral Health Center LLC
1723 Gwynns Falls Parkway
Baltimore, MD 21217
Phone: (443) 320-2646
Email: info@gwynnsfallswellness.com

HHS Office for Civil Rights:
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

5.12 Changes to This Notice

We reserve the right to revise this Notice of Privacy Practices at any time. Any revised notice will be effective for all PHI we maintain, including information created or received before the notice was revised. We will post the current notice in our facility and on our website, and will provide you with a copy upon request.

5.13 Effective Date

This Notice of Privacy Practices is effective as of February 9, 2026.

6. Your Rights

You have the right to access, correct, or delete your personal information. To exercise these rights, please contact us at info@gwynnsfallswellness.com.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at info@gwynnsfallswellness.com.