• A prism of light over the photo of an extended hand

PRISM Wellness Solutions

Privacy Policy and HIPAA Notice of Privacy Practices

Introduction

THIS NOTICE DESCRIBES HOW YOUR MEDICAL AND TREATMENT INFORMATION MAY BE USED AND DISCLOSED, HOW YOU CAN ACCESS THIS INFORMATION, AND YOUR RIGHTS REGARDING YOUR HEALTH INFORMATION. PLEASE REVIEW IT CAREFULLY.

Your health information is personal, and PRISM Wellness Solutions (“PRISM,” “we,” “our,” or “us”) is committed to protecting your privacy while providing high-quality, affirming mental health care. If you have any questions about this notice or your privacy rights, you may contact us at:

Privacy Contact: contactus@prismlex.com
Office Address: 989 Governors Lane Ste 140, Lexington, KY 40513
Phone: (859) 494-9984

We provide this notice in compliance with the Health Insurance Portability and Accountability Act (HIPAA), which mandates that we safeguard your Protected Health Information (PHI) and inform you about how we collect, use, and share your information.

PRISM Wellness Solutions follows federal and state laws to ensure your health information remains confidential and is used only in ways that support your care. This notice outlines:

  • How we use and disclose your PHI
  • Your privacy rights
  • How we protect your information
  • Your options for requesting privacy protections

1. How We Use and Disclose Your Health Information

We may use and disclose your PHI for purposes related to treatment, payment, and healthcare operations, as permitted by law

  • For Treatment – To provide, coordinate, and manage your healthcare. (Example: Your therapist may share relevant health information with a specialist to improve your care.)
  • For Payment – To bill and receive payment for your services. (Example: We may submit claims to your insurance provider.)
  • For Healthcare Operations – To enhance the quality and effectiveness of our services. (Example: Internal reviews and compliance checks.)
  • As Required by Law – We may disclose PHI in response to legal requirements, including public health reporting, abuse prevention, and law enforcement requests.
  • For Appointment Reminders and Communication – We may contact you via phone, email, text, or mail to provide appointment reminders, treatment options, or service updates.

PRISM Wellness Solutions will not use or share your PHI for marketing, fundraising, or selling purposes without your written permission.

2. Your Privacy Rights Under HIPAA

As a patient, you have the right to:

  • Access Your Records – Request and receive a copy of your medical records.
  • Request Corrections – Ask for updates to incomplete or inaccurate information.
  • Confidential Communication – Request how we contact you (e.g., email, phone, or mail).
  • Restrict Uses & Disclosures – Limit how we share your PHI (subject to legal limitations).
  • Receive a List of Disclosures – Request an accounting of who has accessed your PHI.
  • Obtain a Copy of This Notice – Request a physical or digital copy at any time.
  • File a Complaint – If you believe your privacy rights have been violated, you can file a complaint with us or the U.S. Department of Health & Human Services (HHS) without fear of retaliation.

3. Protections for Mental Health and Substance Use Disorder Records

Psychotherapy Notes

Psychotherapy notes are protected under HIPAA and require special handling. These notes are kept separate from your medical records and are not shared without your written authorization, except under limited circumstances such as:

  • If the notes are necessary for your treatment by the original provider.
  • If they are used for internal training of mental health professionals.
  • If required by law or to prevent a serious threat to safety.

Substance Use Disorder (SUD) Records

PRISM Wellness Solutions provides substance use disorder (SUD) treatment. Your SUD records are confidential and require your written consent for disclosure, except:

  • When required by law.
  • When de-identified data is shared for public health reporting.
  • In the case of a medical emergency.

Your SUD records cannot be used against you in legal proceedings without your consent or a court order.

4. Health Information Exchange (HIE)

We participate in a Health Information Exchange (HIE), a secure electronic system that allows healthcare providers to share medical information to coordinate your care.

By signing the PRISM Patient Services Agreement, you opt into the HIE. If you wish to opt out, contact us.

HIEs do not share substance use treatment records unless you sign a separate consent form.

5. How We Protect Your Information

We take strong technical, administrative, and physical security measures to protect your PHI, including:

  • Encrypted Electronic Records – Your data is stored securely using HIPAA-compliant encryption.
  • Access Controls – Only authorized staff have access to your PHI.
  • Secure Communications – Emails and digital records comply with HIPAA security standards.
  • Staff Training – Our team is trained on HIPAA compliance and patient privacy best practices.

6. Changes to This Notice

We reserve the right to update this notice as needed. The latest version will always be available on our website or upon request.

7. Contact Information and Complaints

If you have questions about this notice or wish to file a complaint, you may contact:

PRISM Wellness Solutions
989 Governors Lane Ste 140
Lexington, KY 40513
Phone: (859) 494-9984
Email: contactus@prismlex.com

If you believe your privacy rights have been violated, you may also file a complaint with:

U.S. Department of Health & Human Services – Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll-Free: (800) 368-1019
Website: https://www.hhs.gov/hipaa

In Case of Emergency

  • If you are experiencing a medical emergency, call 911.
  • If you are in a mental health crisis, call the 988 Suicide & Crisis Lifeline.
© 2025 PRISM Wellness Solutions • Lexington, KY