Privacy Policy

THE POINTE MALIBU TREATMENT CENTER

PROTECTED HEALTH INFORMATION
Your Information. Your Rights. Our Responsibilities.

September 2, 2021

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

We reserve the right to make changes to this Policy at any given time. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page. If at any point in time The Pointe Malibu Treatment Center decides to make use of any personally identifiable information on file, in a manner vastly different from that which was stated when this information was initially collected, the user or users shall be promptly notified by email. Users at that time shall have the option as to whether to permit the use of their information in this separate manner.

This Policy applies to The Pointe Malibu Treatment Center, and it governs any and all data collection and usage by us. Through the use of thepointemalibu.com, you are therefore consenting to the data collection procedures expressed in this Policy.

Please note that this Policy does not govern the collection and use of information by companies that The Pointe Malibu Treatment Center does not control, nor by individuals not employed or managed by us. If you visit a website that we mention or link to, be sure to review its privacy policy before providing the site with information. It is highly recommended and suggested that you review the privacy policies and statements of any website you choose to use or frequent to better understand the way in which websites garner, make use of and share the information collected.

Information We Collect

It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right not to register you as a user or provide you with any products or services. This website collects various types of information, such as:
• Voluntarily provided information which may include your name, address, email address, billing and/or credit card information etc. which may be used when you purchase products and/or services and to deliver the services you have requested.
• Information automatically collected when visiting our website, which may include cookies, third party tracking technologies and server logs.

In addition, The Pointe Malibu Treatment Center may have the occasion to collect non-personal anonymous demographic information, such as age, gender, household income, political affiliation, race, and religion, as well as the type of browser you are using, IP address, or type of operating system, which will assist us in providing and maintaining superior quality service.

The Pointe Malibu Treatment Center may also deem it necessary, from time to time, to follow websites that our users may frequent to gleam what types of services and products may be the most popular to customers or the general public.

Please rest assured that this site will only collect personal information that you knowingly and willingly provide to us by way of surveys, completed membership forms, and emails. It is the intent of this site to use personal information only for the purpose for which it was requested, and any additional uses specifically provided for on this Policy.

Why We Collect Information and For How Long

We are collecting your data for several reasons:

  • To better understand your needs and provide you with the services you have requested;
  • To fulfill our legitimate interest in improving our services and products;
  • To send you promotional emails containing information we think you may like when we have your consent to do so;
  • To contact you to fill out surveys or participate in other types of market research, when we have your consent to do so;
  • To customize our website according to your online behavior and personal preferences.

The data we collect from you will be stored for no longer than necessary. The length of time we retain said information will be determined based upon the following criteria: the length of time your personal information remains relevant; the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods prescribed by law or recommended by regulators, professional bodies or associations; the type of contract we have with you, the existence of your consent, and our legitimate interest in keeping such information as stated in this Policy.

Disclosure of Information

The Pointe Malibu Treatment Center may not use or disclose the information provided by you except under the following circumstances:

  • as necessary to provide services or products you have ordered;
  • in other ways described in this Policy or to which you have otherwise consented;
  • in the aggregate with other information in such a way so that your identity cannot reasonably be determined;
  • as required by law, or in response to a subpoena or search warrant;
  • to outside auditors who have agreed to keep the information confidential;
  • as necessary to enforce the Terms of Service;
  • as necessary to maintain, safeguard and preserve all the rights and property of The Pointe Malibu Treatment Center.

Non-Marketing Purposes

The Pointe Malibu Treatment Center greatly respects your privacy. We do maintain and reserve the right to contact you if needed for non-marketing purposes (such as bug alerts, security breaches, account issues, and/or changes in The Pointe Malibu Treatment Center products and services). In certain circumstances, we may use our website, newspapers, or other public means to post a notice.

Our Uses and Disclosures

We may use and share your information as we:

  • Treat you
  • Run our organization
  • Bill for your services
  • Help with public health and safety issues
  • Do research
  • Comply with the law
  • Respond to organ and tissue donation requests
  • Work with a medical examiner or funeral director
  • Address workers’ compensation, law enforcement, and other government requests
  • Respond to lawsuits and legal actions

Notice to European Union Users

The Pointe Malibu Treatment Center’s operations are located primarily in the United States. If you provide information to us, the information will be transferred out of the European Union (EU) and sent to the United States. (The adequacy decision on the EU-US Privacy became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the US under the Privacy Shield.) By providing personal information to us, you are consenting to its storage and use as described in this Policy.

Your Rights

You have the right to:

  • Get a copy of your paper or electronic medical record
  • Correct your paper or electronic medical record
  • Request confidential communication
  • Ask us to limit the information we share
  • Get a list of those with whom we’ve shared your information
  • Get a copy of this privacy notice
  • Choose someone to act for you
  • File a complaint if you believe your privacy rights have been violated

Your Choices

You have some choices in the way that we use and share information as we:

  • Tell family and friends about your condition
  • Provide disaster relief
  • Include you in a hospital directory
  • Provide mental health care
  • Market our services and sell your information
  • Raise funds

Your Rights

When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.

Get an electronic or paper copy of your medical record

  • You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
  • We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.

Ask us to correct your medical record

  • You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
  • We may say “no” to your request, but we’ll tell you why in writing within 60 days.

Request confidential communications

  • You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
  • We will say “yes” to all reasonable requests.

Ask us to limit what we use or share

  • You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care.
  • If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.

Get a list of those with whom we’ve shared information

  • You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
  • We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.

Get a copy of this privacy notice

You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

Choose someone to act for you

  • If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
  • We will make sure the person has this authority and can act for you before we take any action.

File a complaint if you feel your rights are violated

  • You can complain if you feel we have violated your rights by contacting us using the information on page 1.
  • You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting hhs.gov/ocr/privacy/hipaa/complaints/.
  • We will not retaliate against you for filing a complaint.
  • Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

In these cases, you have both the right and choice to tell us to:

  • Share information with your family, close friends, or others involved in your care
  • Share information in a disaster relief situation
  • Include your information in a hospital directory

If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.

In these cases we never share your information unless you give us written permission:

  • Marketing purposes
  • Sale of your information
  • Most sharing of psychotherapy notes

In the case of fundraising:

  • We may contact you for fundraising efforts, but you can tell us not to contact you again.
Our Uses and Disclosures

How do we typically use or share your health information?

We typically use or share your health information in the following ways.

Treat you

We can use your health information and share it with other professionals who are treating you.

Example: A doctor treating you for an injury asks another doctor about your overall health condition.

Run our organization

We can use and share your health information to run our practice, improve your care, and contact you when necessary.

Example: We use health information about you to manage your treatment and services.

Bill for your services

We can use and share your health information to bill and get payment from health plans or other entities.

Example: We give information about you to your health insurance plan so it will pay for your services.

How else can we use or share your health information?

We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.

Help with public health and safety issues

We can share health information about you for certain situations such as:

  • Preventing disease
  • Helping with product recalls
  • Reporting adverse reactions to medications
  • Reporting suspected abuse, neglect, or domestic violence
  • Preventing or reducing a serious threat to anyone’s health or safety

Do research

We can use or share your information for health research.

Comply with the law

We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.

Respond to organ and tissue donation requests

We can share health information about you with organ procurement organizations.

Work with a medical examiner or funeral director

We can share health information with a coroner, medical examiner, or funeral director when an individual dies.

Address workers’ compensation, law enforcement, and other government requests

We can use or share health information about you:

  • For workers’ compensation claims
  • For law enforcement purposes or with a law enforcement official
  • With health oversight agencies for activities authorized by law
  • For special government functions such as military, national security, and presidential protective services

Respond to lawsuits and legal actions

We can share health information about you in response to a court or administrative order, or in response to a subpoena.

Our Responsibilities

  • We are required by law to maintain the privacy and security of your protected health information.
  • We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
  • We must follow the duties and privacy practices described in this notice and give you a copy of it.
  • We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.

Acceptance of Terms

By using this website, you are hereby accepting the terms and conditions stipulated within the Privacy Policy Agreement. If you are not in agreement with our terms and conditions, then you should refrain from further use of our sites. In addition, your continued use of our website following the posting of any updates or changes to our terms and conditions shall mean that you agree and acceptance of such changes.

How to Contact Us

If you have any questions or concerns regarding the Privacy Policy Agreement related to our website, please feel free to contact us at the following email, telephone number or mailing address.

Email: compliance at thepointemlibu.com

Telephone Number: 310-924-0780

Mailing Address:
The Pointe Malibu Treatment Center
23410 Civic Center Way, Suite E-4A
Malibu, California
90265

The data controller responsible for your personal information for the purposes of GDPR compliance is:

Compliance Officer
Info at navazon.com
818-534-2200
20700 Venture Boulevard, Woodland Hills, CA 91364

Security

The Pointe Malibu Treatment Center takes precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline. Wherever we collect sensitive information (e.g., credit card information), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the webpage.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. This is all done to prevent any loss, misuse, unauthorized access, disclosure or modification of the user’s personal information under our control.

The company also uses Secure Socket Layer (SSL) for authentication and private communications to build users’ trust and confidence in the internet and website use by providing simple and secure access and communication of credit card and personal information. In addition, The Pointe Malibu Treatment Center is a licensee of TRUSTe. The website is also secured by VeriSign.

Changes to the Terms of this Notice

We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our website.

GDPR Disclosure:

If you answered “yes” to the question Does your website comply with the General Data Protection Regulation (“GDPR”)? then the Privacy Policy above includes language that is meant to account for such compliance. Nevertheless, in order to be fully compliant with GDPR regulations your company must fulfill other requirements such as: (i) doing an assessment of data processing activities to improve security; (ii) have a data processing agreement with any third party vendors; (iii) appoint a data protection officer for the company to monitor GDPR compliance; (iv) designate a representative based in the EU under certain circumstances; and (v) have a protocol in place to handle a potential data breach. For more details on how to make sure your company is fully compliant with GDPR, please visit the official website at https://gdpr.eu. FormSwift and its subsidiaries are in no way responsible for determining whether or not your company is in fact compliant with GDPR and takes no responsibility for the use you make of this Privacy Policy or for any potential liability your company may face in relation to any GDPR compliance issues.

COPPA Compliance Disclosure:

This Privacy Policy presumes that your website is not directed at children under the age of 13 and does not knowingly collect personal identifiable information from them or allow others to do the same through your site. If this is not true for your website or online service and you do collect such information (or allow others to do so), please be aware that you must be compliant with all COPPA regulations and guidelines in order to avoid violations which could lead to law enforcement actions, including civil penalties.

In order to be fully compliant with COPPA your website or online service must fulfill other requirements such as: (i) posting a privacy policy which describes not only your practices, but also the practices of any others collecting personal information on your site or service for example, plug-ins or ad networks; (ii) include a prominent link to your privacy policy anywhere you collect personal information from children; (iii) include a description of parental rights (e.g. that you won’t require a child to disclose more information than is reasonably necessary, that they can review their child’s personal information, direct you to delete it, and refuse to allow any further collection or use of the child’s information, and the procedures to exercise their rights); (iv) give parents “direct notice” of your information practices before collecting information from their children; and (v) obtain the parents’ “verifiable consent” before collecting, using or disclosing personal information from a child. For more information on the definition of these terms and how to make sure your website or online service is fully compliant with COPPA please visit https://www.ftc.gov/tips-advice/business-center/guidance/childrens-online-privacy-protection-rule-six-step-compliance. FormSwift and its subsidiaries are in no way responsible for determining whether or not your company is in fact compliant with COPPA and takes no responsibility for the use you make of this Privacy Policy or for any potential liability your company may face in relation to any COPPA compliance issues.