Privacy Policy

Leaf on the Wind Counseling & Consulting, PLLC is dedicated to safeguarding and preserving your privacy when visiting our site or communicating electronically with us.

Below is our privacy policy which incorporates these principles. We do update this Policy from time to time so please do review this Policy regularly.

Name and Address of the controller
Christina Shroyer
Email: christina@leafonthewindcounseling.com

1) Information We Collect

In operating our website we may collect and process the following data about you:

  1. a) Details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data.
    b) Information provided to us when you communicate with us for any reason.

2) Use of Cookies

Like most website operators, the Internet pages of Leaf on the Wind Counseling & Consulting, PLLC use cookies. Cookies are text files that are stored in a computer system via an Internet browser. Many Internet sites and servers use cookies. Many cookies contain a cookie ID.
Such information will not identify you personally it is statistical data about our visitors and their use of our site. This statistical data does not identify any personal details whatsoever.
The website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website, (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system.
Leaf on the Wind Counseling & Consulting, PLLC’s purpose in collecting non-personally identifying information is to better understand how our visitors use our website. The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers

When you click on a link found on our site, the target site may also use cookies, over which we have no control. Such cookies (if used) would be downloaded once you land on their website.

3) Gathering of Personally-Identifying Information

The website Leaf on the Wind Counseling & Consulting, PLLC contains a contact form for inquiries and appointment requests.
If a data subject contacts us by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

4) Routine erasure and blocking of personal data

The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage.

5) Use of Your Information

The information that we collect and store relating to you is primarily used to enable us to provide our services to you. In addition, we may use the information for the following purposes:

  1. a) To provide you with the information requested from us, relating to our products or services. To provide information on other products which we feel may be of interest to you, where you have consented to receive such information.
    b) To meet our contractual commitments to you.
    c) To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service.
    d) Please be advised that we do not reveal information about identifiable individuals but we may, on occasion, provide third parties with aggregate statistical information about our visitors.

6) Storing Your Personal Data

  1. a) Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into on our site will be encrypted to ensure its safety.
    b) The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically and transmission of such data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.
    c) We acknowledge that all individuals have the right to access the personal information/data that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to Christina Shroyer. If requested to remove data, we will respond within a reasonable timeframe.

7) Disclosing Your Information

  1. a) We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
    b) Where applicable, we may also disclose your personal information to third parties:
    i) Where we are legally required to disclose your information.
    ii) To assist fraud protection and minimize credit risk.

8) Third Party Links

You might find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.

Contacting Us

We welcome any queries, comments or requests you may have regarding this Privacy Policy. Please do not hesitate to contact us.

Additional detailed information regarding analytic cookies on this site:-

  • Data protection provisions about the application and use of Google Analytics (with anonymization function)
    On this website, the controller has integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.
    The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
    Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website.
    The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
    In addition, the data subject has the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this website, as well as the processing of this data by Google and the chance to preclude any such. Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.

 

 

Notice of PHI Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

Your health record contains personal information about you and your health.  This information about you that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services is referred to as Protected Health Information (“PHI”). This Notice of Privacy Practices describes how we may use and disclose your PHI in accordance with applicable law, including the Health Insurance Portability and Accountability Act (“HIPAA”), regulations promulgated under HIPAA including the HIPAA Privacy and Security Rules.  It also describes your rights regarding how you may gain access to and control your PHI.

We are required by law to maintain the privacy of PHI and to provide you with notice of our legal duties and privacy practices with respect to PHI. We are required to abide by the terms of this Notice of Privacy Practices.  We reserve the right to change the terms of our Notice of Privacy Practices at any time.  Any new Notice of Privacy Practices will be effective for all PHI that we maintain at that time. We will provide you with a copy of the revised Notice of Privacy Practices by posting a copy on our website, sending a copy to you in the mail upon request or providing one to you at your next appointment.

 

HOW WE MAY USE AND DISCLOSE HEALTH INFORMATION ABOUT YOU

For Treatment.  Your PHI may be used and disclosed without authorization by those who are involved in your care for the purpose of providing, coordinating, or managing your health care treatment and related services. This includes consultation with clinical supervisors or other treatment team members.

For Payment.  We may use and disclose PHI without authorization so that we can receive payment for the treatment services provided to you.  Examples of payment-related activities are: making a determination of eligibility or coverage for insurance benefits, processing claims with your insurance company, reviewing services provided to you to determine medical necessity, or undertaking utilization review activities.  If it becomes necessary to use collection processes due to lack of payment for services, we will only disclose the minimum amount of PHI necessary for purposes of collection.

For Health Care Operations.  We may use or disclose without authorization, as needed, your PHI in order to support our business activities including, but not limited to, quality assessment activities, employee review activities, licensing, and conducting or arranging for other business activities. For example, we may share your PHI with third parties that perform various business activities (e.g., billing or typing services) provided we have a written contract with the business that requires it to safeguard the privacy of your PHI.

Required by Law.  Under the law, we must disclose your PHI to you upon your request.  In addition, we must make disclosures to the Secretary of the Department of Health and Human Services for the purpose of investigating or determining our compliance with the requirements of the Privacy Rule.

Without Authorization.  Following is a list of the other categories of uses and disclosures permitted by HIPAA without an authorization.

Applicable law permits us to disclose information about you without your authorization only in a limited number of situations.

Child Abuse or Neglect. We may disclose your PHI to a state or local agency that is authorized by law to receive reports of child abuse or neglect.

Judicial and Administrative Proceedings. We may disclose your PHI pursuant to a subpoena (with your written consent), court order, administrative order or similar process.

Deceased Patients.  We may disclose PHI regarding deceased patients as mandated by state law, or to a family member or friend that was involved in your care or payment for care prior to death, based on your prior consent. A release of information regarding deceased patients may be limited to an executor or administrator of a deceased person’s estate or the person identified as next-of-kin.  PHI of persons that have been deceased for more than fifty (50) years is not protected under HIPAA.

Medical Emergencies.  We may use or disclose your PHI in a medical emergency situation to medical personnel only in order to prevent serious harm. Our staff will try to provide you a copy of this notice as soon as reasonably practicable after the resolution of the emergency.

Family Involvement in Care. With your authorization or in an emergency situation we may disclose information to close family members or friends directly involved in your treatment.

Health Oversight.  If required, we may disclose PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies and organizations that provide financial assistance to the program (such as third-party payors based on your prior consent) and peer review organizations performing utilization and quality control.

Law Enforcement. We may disclose PHI to a law enforcement official as required by law, in compliance with a subpoena (with your written consent), court order, administrative order or similar document, for the purpose of identifying a suspect, material witness or missing person, in connection with the victim of a crime, in connection with a deceased person, in connection with the reporting of a crime in an emergency, or in connection with a crime on the premises.

Specialized Government Functions.  We may review requests from U.S. military command authorities if you have served as a member of the armed forces, authorized officials for national security and intelligence reasons and to the Department of State for medical suitability determinations, and disclose your PHI.

Public Health.  If required, we may use or disclose your PHI for mandatory public health activities to a public health authority authorized by law to collect or receive such information for the purpose of preventing or controlling disease, injury, or disability, or if directed by a public health authority, to a government agency that is collaborating with that public health authority.

Public Safety. We may disclose your PHI if necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.  If

information is disclosed to prevent or lessen a serious threat it will be disclosed to a person or persons reasonably able to prevent or lessen the threat, including the target of the threat.

Research.   PHI may only be disclosed after a special approval process or with your authorization.

Fundraising.  We will not send you fundraising communications without your authorization. You have the right to opt out of such fundraising communications with each solicitation you receive.

Verbal Permission. We may also use or disclose your information to family members that are directly involved in your treatment with your verbal permission.

With Authorization.   Uses and disclosures not specifically permitted by applicable law will be made only with your written authorization, which may be revoked at any time, except to the extent that we have already made a use or disclosure based upon your authorization.  In addition, authorization may be required for the use or disclosure of PHI if a more stringent state or federal law applies, such as substance abuse treatment information protected by 42 C.F.R. Part 2.  The following uses and disclosures will be made only with your written authorization: (i) most uses and disclosures of psychotherapy notes which are separated from the rest of your medical record; (ii) most uses and disclosures of PHI for marketing purposes, including subsidized treatment communications; (iii) disclosures that constitute a sale of PHI (we will not sell your PHI); and (iv) other uses and disclosures not described in this Notice of Privacy Practices.

 

YOUR RIGHTS REGARDING YOUR PHI

You have the following rights regarding PHI we maintain about you.  To exercise any of these rights, please submit your request in writing to our Privacy Officer at: PO Box 85 Dripping Springs TX 78620

 

Right of Access to Inspect and Copy.  You have the right, which may be restricted only in exceptional circumstances, to inspect and copy PHI that is maintained in a “designated record set”. A designated record set contains mental health/medical and billing records and any other records that are used to make decisions about your care.  Your right to inspect and copy PHI will be restricted only in those situations where there is compelling evidence that access would cause serious harm to you or if the information is contained in separately maintained psychotherapy notes.  We may charge a reasonable, cost-based fee for copies. If your records are maintained electronically, you may also request an electronic copy of your PHI.  You may also request that a copy of your PHI be provided to another person.

 

Right to Amend.  If you feel that the PHI we have about you is incorrect or incomplete, you may ask us to amend the information although we are not required to agree to the amendment. If we deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to your statement and will provide you with a copy. Please contact the Privacy Officer if you have any questions.

 

Right to an Accounting of Disclosures.  You have the right to request an accounting of certain of the disclosures that we make of your PHI.  We may charge you a reasonable fee if you request more than one accounting in any 12-month period.

 

Right to Request Restrictions.  You have the right to request a restriction or limitation on the use or disclosure of your PHI for treatment, payment, or health care operations.  We are not required to agree to your request unless the request is to restrict disclosure of PHI to a health plan for purposes of carrying out payment or health care operations, and the PHI pertains to a health care item or service that you paid for out of pocket. In that case, we are required to honor your request for a restriction.

 

Right to Request Confidential Communication.  You have the right to request that we communicate with you about health matters in a certain way or at a certain location.  We will accommodate reasonable requests.  We may require information regarding how payment will be handled or specification of an alternative address or other method of contact as a condition for accommodating your request.  We will not ask you for an explanation of why you are making the request.

Breach Notification. If there is a breach of unsecured PHI concerning you, we may be required to notify you of this breach, including what happened and what you can do to protect yourself.

Right to a Copy of this Notice.  You have the right to a copy of this notice.

 

COMPLAINTS

If you believe we have violated your privacy rights, you have the right to file a complaint in writing with our Privacy Officer Christina Shroyer, M.S., LMFT or with the Secretary of Health and Human Services at 200 Independence Avenue, S.W.  Washington, D.C. 20201 or by calling (202) 619-0257.  We will not retaliate against you for filing a complaint.  The effective date of this Notice is 1/1/2018.