This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

Information Collection and Use
For a better experience while using our website, we may require you to provide us with certain personally identifiable information, including but not limited to your name, phone number, and email address. The information that we collect will be used to contact or identify you.

When do we collect information?
We collect information from you when you fill out a form, Use Live Chat or enter information on our site.

Cookies are files with small amount of data that is commonly used an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive.
Our website does not use cookies.

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

California Privacy Rights
Pursuant to California Civil Code Section 1798.83, California residents have the right to request from a business any personal information that a business may have shared with a third party for direct marketing purposes. To make such a request, please email us at: .

The California Online Privacy Protection Act (CalOPPA) requires the Company to disclose how it responds to Do Not Track signals set in a user’s browser. We support Do Not Track browser settings. If you enable Do Not Track settings in the browser you are using, the Company will not store or use information about you other than your visit to the Company’s website.

Links to Other Sites
Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children’s Privacy
Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.

Into Action Recovery Centers Locations and Services
This Notice describes the privacy practices of Into Action Recovery Centers, which includes each of our facilities (Inpatient Program, Intensive Outpatient Program, Outreach Offices, and Corporate Offices) in the following service delivery sites/locations: Houston, Texas; Webster, Texas. When we say “Into Action Recovery Centers” we mean all of these facilities, individually and collectively.

All of the people that make up Into Action Recovery Centers follow this Notice. Into Action Recovery Centers includes clinicians, physicians, skilled nursing services, pharmacy services, laboratory services, ancillary/support services, and other related health care providers such as contract labor, students, and trainees. We are required to abide by the terms of this Notice when we use or disclose your medical information. We restrict access to your medical information to those employees who need to know in order to provide appropriate treatment or series to you or to conduct Into Action Recovery Centers business on your behalf.

Understanding Your Medical Records
Into Action Recovery Centers creates a record of the care and services you receive from its various facilities. We understand that medical information about you and your health is personal. Care records include demographics, diagnosis, treatment, referral, and various forms containing billing information. This type of medical information is often called “Protected Health Information” (PHI). We are committed to protecting medical information about you, whether electronically, on paper or orally. This Notice applies to all of the medical records of your care within Into Action Recovery Centers.

Our Legal Duty
Into Action Recovery Centers is bound by Federal and State privacy and confidentiality laws to maintain information about your health, healthcare, and payment services in a confidential fashion. It is our obligation to provide you with this Notice of our legal duties and privacy practices with respect to your PHI.

Privacy and Confidentiality Obligations
PHI is protected under the following Federal and State regulations:

Federal Confidentiality Laws:
42 CFR Part 2, Substance Abuse Confidentiality Regulations

45 CFR Parts 160 and 164, Subparts A and E, known as the Health Insurance Portability and Accountability Act (HIPAA Omnibus Final Rule)

Subtitle D of the Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the American Recovery and Reinvestment Act (ARRA) of 2009

State Confidentiality Laws:
Texas Medical Records Privacy Act, Part of the Texas Health and Safety Code, Chapter 181

Texas House Bill 300

How We May Use (or Not Use) and Disclose Health Information about You
Methods of disclosure may include the following: mail, fax, verbal, secure/encrypted email, secure/encrypted DVD/CD as applicable for communication with designated recipients.

For Treatment: We will use and disclose your protected health information (PHI) to provide you with treatment services. With your authorization, we may use and disclose your PHI as part of a referral to a specialist physician or for other treatment related services if necessary. Your authorization is not required in a medical emergency; however, the information released will be limited to only that which is necessary for the emergency services being rendered.

For Payment: With your authorization, we may use and disclose your PHI to receive payment for the treatment services provided, such as sending billing information to a health insurance plan. Should you choose to pay out-of-pocket, no information will be shared with your insurance company unless you request so in writing.

For Healthcare Operations: We may use and disclose your PHI for administrative purposes in order to evaluate the quality of care that you receive through audits and/or on-site inspections by licensing and accrediting entities or through our normal course of business with other entities with whom we have a Business Associate Agreement. These agreements are put in place to help protect your PHI from further disclosure and to specify that they are responsible for the security of that information.

With Authorization: In any other situation, we will ask for your written authorization before using or disclosing any PHI about you. If you choose to sign an authorization to disclose information, you can later revoke that authorization in writing to stop any future uses and disclosures.

Individuals Involved in Your Care or Payment for Care: With your signed authorization, your PHI may be disclosed to a family member, friend or other person to help with your healthcare.

Incompetent and Deceased Patients: In such cases, authorization of a personal representative, guardian, executor of estate, or other person authorized by applicable state/federal law, will need to prove relationship and sign an authorization to have your PHI disclosed to them.

Marketing Communications: We may not use your PHI for marketing purposes. We may not sell your PHI.

Fundraising Communications: We do not engage in fundraising activities and your PHI will not be disclosed for such activities without your written consent.

Research: We do not disclose PHI for research purposes without your written consent. Information without patient identifiable date may be used for generic research.

Worker’s Compensation and Disability: With your signed authorization, PHI about you may be disclosed for worker’s compensation, disability, or similar programs.

Appointment Reminders: With your signed authorization, (available at our Austin location only) we will contact you via a generic text message (to the phone number of your choice) to remind you of your future appointment(s) for treatment services with us.

Written Authorizations:
We may disclose your PHI when we receive a written authorization from you to do so. This authorization must be completed on a form that specifically meets State and Federal applicable requirements. Into Action Recovery Centers “Authorization to Release Protected Health Information” is available at all of our locations or can be requested at any time.

Should you decide to revoke a signed authorization, you may do so at any time, except to the extent that action has been taken in reliance on it, the authorization has already expired and/or has already been revoked. If you are currently receiving services and want to revoke an authorization, we ask that you see speak to your counselor to complete the necessary revocation process. After discharge, you may visit any of our locations to complete the “Revocation of Authorization to Release Protected Health Information” form, or obtain the form from our website at Please note: revocation begins when we receive the completed and signed revocation form in one of our offices.

Uses and Disclosures WITHOUT Your Written Authorization
We may disclose your protected health information (PHI) without your written authorization only under the following circumstances.

Medical Emergencies: We may use or disclose your PHI in a medical emergency situation to medical personnel only. The information will be limited to that which is needed to provide you with the emergency services.

Consistent with Federal, State, or Local Law: We may use or disclose your PHI to the extent that the use or disclosure is required by law, made in compliance with the law, and limited to the relevant requirements of the law. You will be notified, as required by law, of any such uses or disclosures. Under the law, we must make disclosures of your PHI to you upon your request.

Secretary of Health and Human Services: We are required to disclose your PHI to the Secretary of Health and Human Services for the purpose of investigating or determining our compliance with the requirements of the of the HIPAA Privacy Rule.

Victim of Abuse or Neglect (Child/Elder Abuse or Neglect): We may disclose your PHI to a state or local agency that is authorized by law to receive reports of child or elder abuse or neglect; however, the information we disclose is limited to only that information which is necessary to make the initial mandated report.

Public Health Activities/Communicable Disease: We may disclose your PHI to a state or local agency that is authorized by law to receive reports of diagnosed communicable disease; however, the information we disclose is limited to only that information which is necessary to make the initial mandated report.

Health Oversight Activities: We may disclose your PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies and organizations that provide financial assistance to the program (such as third-party payers) and peer review organizations performing utilization and quality control.

Business Associates: We may use or disclose your PHI to our “Business Associates” (BA) who perform certain functions or activities that involve the use or disclosure of PHI on behalf of, or provides services to us. All of our BA’s are obligated to protect the privacy of your PHI and may use the information only for the purposes for which the BA was engaged.

Data Breach Notification Purposes: We may use or disclose your PHI to provide legally required notices of unauthorized access to or disclosure of your PHI. We will notify you in writing following a breach of unsecured PHI.

Deceased Patients: We may disclose PHI regarding deceased patients for the purpose of determining the cause of death or permitting inquiry into the cause of death. We may disclose PHI to coroners and medical examiners consistent with applicable law, as necessary to carry out their duties.

Criminal Activity on the Facility Premises/Against Into Action Recovery Centers Personnel: We may disclose your PHI to law enforcement officials if you have committed a crime on the facility premises or against Into Action Recovery Centers personnel.

Judicial and Administrative Proceedings: We may disclose your PHI in response to a court order or administrative tribunal order, a subpoena, a discovery request, or other lawful process by only when we have followed procedures required by law. We may disclose your PHI if the court issues an appropriate order and follows required procedures. Your PHI will also be released to our Corporate Attorney.

Uses and Disclosures That Require Us to Give You an Opportunity to Object and Opt
Other Categories: Other uses and disclosures of PHI not covered by this Notice or the laws that apply to us will be made only with your written authorization.

Your Rights Regarding Your Protected Health Information
Although your medical record is the physical property of Into Action Recovery Centers, the information belongs to you. You have the right to:

Right to Access, Inspect and Copy: You have the right to review, inspect, request and get copies of your PHI used to make decisions about you and your care for as long as we maintain the PHI as required by law. If you are a current patient, this review is usually done in the presence of the physician or your case manager. If you are an ex-patient, this review is done in our Medical Records Office. You have the right to request a copy of your medical records. If you are a current patient and wish to receive a copy of your record, you will need to do so in writing with a staff member, for example, your case manager. Your record will be forwarded to you within three weeks of discharge.

If you are an ex-patient, you will make your request for copies in writing to the Health Information Manager (Medical Records Office). Records will be mailed/faxed to you within 15-business days. We may charge a reasonable cost-based fee for copies. Should we deny your request for a specific document copy for any reason, i.e. Medical Staff believes the content of the document would be harmful to your recovery, an alternate document will be made available to you in its place based on your needs for the information and the data you are seeking.

Right to an Electronic Copy of Electronic Medical Records: If your Protected Health Information (PHI) is maintained in an electronic format (known as an electronic medical record/electronic health record), you have the right to request that an electronic copy of your record be given to you. Into Action Recovery Centers makes this electronic exchange via its primary service location in Hunt, Texas. A request for electronic records must be made in writing and will be available on a password protected, encrypted disc, in 3-working days.

Notification of a Breach: You have the right to be notified in the event that we (or one of our “Business Associates”) discovers a breach of any of your unsecured PHI. This notification must be done in a timely fashion after the date of discovery has occurred.

Right to Amend: If you feel information in your record is incorrect or if important information is missing, you have the right to request that we amend the information. We are not required to agree to the amendment. The request for amendment needs to be in writing. Please contact the Privacy Officer for assistance with correct form completion and process guidelines.

Right to an Accounting of Disclosures: You have the right to request in writing an accounting of the disclosures we make of your PHI for reasons other than treatment, payment or healthcare operations during the last 6 years. If you request this accounting more than once in a 12-month period, we may charge you a reasonable, cost-based fee for responding to these additional requests.

Right to Request Restrictions: You have the right to request in writing a restriction or limitation on the use of your PHI for treatment, payment, or healthcare operations. We are not required to agree to your request.

Right to Request Alternate Confidential Communications: You have the right to request in writing that we communicate with you about medical matters in a certain way or at a certain location. We are not required to agree to your request.

Out of Pocket Payments: If you paid “out of pocket” (or in other words, you have requested that we not bill your health plan) in full for a specific item or service, you have the right to request in writing that your PHI with respect to that item or service not be disclosed to a health plan for purposes of payment or health care operations, and we will honor that request.

Right to a Copy of This Notice: You have a right to a copy of this notice. You may request to have a paper copy of this Notice at any time. You may also obtain it from our website at

Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

Contact Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.