HIPAA & Privacy Policy 

Introduction

Anza Wellness and Recovery is committed to protecting the privacy and security of your Protected Health Information (PHI). This policy outlines our practices and procedures to comply with the Health Insurance Portability and Accountability Act (HIPAA) and its related regulations.


Definitions

  • Protected Health Information (PHI): Individually identifiable health information that is transmitted by electronic media, maintained in electronic media, or transmitted or maintained in any other form or medium.  
  • HIPAA: Health Insurance Portability and Accountability Act of 1996.
  • Business Associate: An entity that performs functions or activities on behalf of, or provides services to, a covered entity.


Policy Statement

Anza Wellness and Recovery is committed to safeguarding the privacy and security of your PHI. We will take all reasonable and appropriate measures to protect your PHI from unauthorized access, use, disclosure, alteration, or destruction.


Security Measures

We implement the following security measures to protect your PHI:

  • Administrative Safeguards:
      • Regular training for employees on HIPAA regulations and security best practices.
      • Development and implementation of written information security policies and procedures.
      • Designation of a HIPAA Privacy Officer.
      • Regular risk assessments and vulnerability analyses.
      • Incident response plan for handling data breaches.
  • Physical Safeguards:
      • Secure physical facilities with access controls.
      • Proper disposal of paper records.
      • Secure storage of electronic media.
      • Controlled access to workstations and devices.
  • Technical Safeguards:
      • Strong access controls, including unique user IDs, strong passwords, and multi-factor authentication.
      • Encryption of electronic PHI.
      • Firewalls and intrusion detection systems to protect network security.
      • Regular software updates and security patches.
      • Data backup and disaster recovery plans.


Data Breach Notification

In the event of a data breach, we will promptly investigate the incident and notify affected individuals and regulatory authorities as required by law.


Employee Training

All employees who have access to PHI will receive regular training on HIPAA regulations and security best practices.


Business Associate Agreements

We will only engage with business associates who have executed a Business Associate Agreement (BAA) to ensure the protection of PHI.


Patient Rights

You have the right to:

  • Access your PHI
  • Request corrections to your PHI
  • Receive a notice of privacy practices
  • Request restrictions on the use and disclosure of your PHI
  • Receive a paper copy of this notice
  • File a complaint with the Office for Civil Rights (OCR)


Contact Information

If you have any questions or concerns about our HIPAA and PHI policies, please contact:

Ashley Trino, Office Manager, at Ashley.Trino@Anzawellness.com or Tel: 480-999-8295.


Review and Updates

We will review and update this policy annually to ensure compliance with HIPAA regulations and industry best practices.

Additional Considerations:

  • Data Minimization: Collect and retain only the necessary PHI.
  • Purpose Limitation: Use PHI only for authorized purposes.
  • Data Integrity: Ensure the accuracy and completeness of PHI.
  • Confidentiality and Discretion: Maintain confidentiality and discretion when handling PHI.
  • Third-Party Disclosures: Carefully consider third-party disclosures and obtain necessary authorizations.
  • Mobile Device Security: Implement policies and procedures for securing mobile devices that access PHI.
  • Remote Access Security: Secure remote access to electronic PHI systems.
  • Vendor Management: Conduct due diligence on vendors and ensure they have adequate security measures in place.
  • Regular Security Audits: Conduct regular security audits and vulnerability assessments.


By adhering to these principles and implementing robust security measures, we can effectively protect patient privacy and comply with HIPAA regulations.


Patient Confidentiality in High-Profile Cases

Anza Wellness & Recovery understands that some patients may be involved in high-profile incidents. We are committed to protecting their privacy even in such cases. We will not tolerate any employee accessing a patient's PHI out of curiosity.


We are committed to providing excellent care to all our patients while maintaining the highest standards of privacy and confidentiality.

