Privacy Policy

Privacy Policy – WeLevelUp.com

Last modified 05/27/2021

This Privacy Policy applies to all of the products, services and websites offered by We Level Up or its subsidiaries or affiliated companies. Sometimes, we may post product specific privacy notices or Help Center materials to explain our products in more detail.

If you have any questions about this Privacy Policy, please feel free to contact us through our website or write to us at
Privacy Matters
We Level Up
1701 Green Rd Suite C
Pompano Beach, FL 33064
USA

Information we collect and how we use it

We may collect the following types of information:

Information you provide – When you contact us, we ask for your personal information. We may combine the information you submit to third parties in order to provide you with a better experience and to improve the quality of our services. For certain services, we may give you the opportunity to opt out of combining such information. Your administrator will have access to your account information including your email. Consult your domain administrator’s privacy policy for more information.

Cookies – When you visit We Level Up’s web pages, we send one or more cookies to your computer or other device. We use cookies to improve the quality of our service, including for storing user preferences, improving search results and ad selection. We Level Up also uses cookies in its advertising services to help advertisers and publishers serve and manage ads across the web.

Log information – When you access We Level Up’s web pages via a browser, application or other client service, servers automatically record certain information. These server logs may include information such as your web request, your interaction with a service, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser or your account.

User communications – When you send email or other communications to We Level Up, we may retain those communications in order to process your inquiries, respond to your requests and improve our services. When you send and receive SMS messages to or from one of our services that provides SMS functionality, we may collect and maintain information associated with those messages, such as the phone number, the wireless carrier associated with the phone number, the content of the message, and the date and time of the transaction. We may use your email address to communicate with you about our services.

Affiliated Google Services on other sites – We offer some of our services on or through other web sites. Personal information that you provide to those sites may be sent to Google in order to deliver the service. We process such information under this Privacy Policy.

Third Party Applications – We Level Up may make available third party applications, such as gadgets or extensions, through its services. The information collected by We Level Up when you enable a third party application is processed under this Privacy Policy. Information collected by the third party application provider is governed by their privacy policies.

Location data – We Level Up offers location-enabled services (such as GPS signals sent by a mobile device) or information that can be used to approximate a location (such as a cell ID or IP address).

Other sites – This Privacy Policy applies to We Level Up services only. We do not exercise control over the sites displayed as search results, sites that include We Level Up applications, products or services, or links from within our various services. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you.

In addition to the above, we may use the information we collect to:

Provide, maintain, protect, and improve our services (including advertising services) and develop new services; and

Protect the rights or property of We Level Up or our patients.

If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.

We Level Up processes personal information on our servers in the United States of America and in other countries. In some cases, we process personal information outside your own country.

Choices

Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some features and services may not function properly if your cookies are disabled.

We Level Up uses the Google and Yahoo retargeting advertising cookies on AdSense partner sites and certain other services to help advertisers and publishers serve and manage ads across the web. You can view and manage your ads preferences associated with this cookie.

Information sharing

We Level Up only shares personal information with other companies or individuals outside of We Level Up in the following limited circumstances:

We have your consent. We require opt-in consent for the sharing of any sensitive personal information.

We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.

We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of We Level Up, its users or the public as required or permitted by law.

Information security

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal data.
We restrict access to personal information to We Level Up employees, contractors and agents who need to know that information in order to process it on our behalf. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

Accessing and updating personal information

When you use We Level Up services, we make good faith efforts to provide you with access to your personal information and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. Because of the way we maintain certain services, after you delete your information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems. Please review the service Help Centers for more information.

Enforcement

We Level Up complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Google has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Google’s certification, please visit the Safe Harbor website.

We Level Up regularly reviews its compliance with this Privacy Policy. When we receive formal written complaints, it is We Level Up policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between We Level Up and an individual.

Changes to this Privacy Policy

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.

NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW THIS CAREFULLY.

Uses and Disclosures:

Treatment. Your health information may be used by staff members or disclosed to other health care professionals for the purpose of evaluating your health, diagnosing medical conditions, and providing treatment. For example, results of laboratory tests and procedures will be available in your medical record to all health professionals who may provide treatment or who may be consulted by staff members.

Payment. Your health information may be used to seek payment from your insurance company(s) (health, dental, auto or other) and from any other source that you may use to pay for services such as credit card, cashier check, personal check and or banking company(s).  For example, your health plan may request and receive information on dates of service, the services provided, and the medical condition being treated.

Health care operations. Your health information may be used as necessary to support the day-to-day activities and management of We Level Up.  For example, information on the services you received may be used to support budgeting and financial reporting, and activities to evaluate and promote quality.

Law enforcement. Your health information may be disclosed to law enforcement agencies, without your permission, to support government audits and inspections, to facilitate law-enforcement investigations, and to comply with government mandated reporting.
Public health reporting. Your health information may be disclosed to public health agencies as required by law. For example, we are required to report certain communicable diseases to the state’s public health department.

Other uses and disclosures require your authorization. Disclosure of your health information or its use for any purpose other than those listed above requires your specific written authorization. If you change your mind after authorizing a use or disclosure of your information you may submit a written revocation of the authorization. However, your decision to revoke the authorization will not affect or undo any use or disclosure of information that occurred before you notified us of your decision.

Additional Uses of Information

Payment reminders: Our staff will use your health information to send you payment reminders. Information about treatments: Your health information may be used to send you information on the treatment and management of your medical condition that you may find to be of interest. We may also send you information describing other health-related goods and service that we believe may interest you.

Individual Rights    
You have certain rights under the federal privacy standards. These include:
•    The right to request restrictions on the use and disclosure of your protected health
•    information
•    The right to receive confidential communications concerning your medical condition and
•    treatment
•    The right to inspect and copy your protected health information
•    The right to amend or submit corrections to your protected health information
•    The right to receive an accounting of how and to whom your protected health information has been disclosed
•    The right to receive a printed copy of this notice

We Level Up Duties 
We are required by law to maintain the privacy of your protected health information and to provide you with this notice of privacy practices. We also are required to abide by the privacy policies and practices that are outlined in this notice.
Right to Revise Privacy Practices 
As permitted by law, we reserve the right to amend or modify our privacy policies and practices. These changes in our policies and practices may be required by changes in federal and state laws and regulations. Whatever the reason for these revisions, we will provide you with a revised notice on your next office visit. The revised policies and practices will be applied to all protected health information that we maintain.

Requests to InspectProtected Health Information
As permitted by federal regulation, we require that requests to inspect or copy protected health information be submitted in writing. You may obtain a form to request access to your records by contacting Medical Records or The Privacy Officer.   If you believe that your privacy rights have been violated, you should call the matter to our attention by sending a letter describing the cause of your concern to the same address.  You will not be penalized or otherwise retaliated against for filing a complaint.

Contact Person 
Contact the Privacy Officer for further information concerning our privacy practices.  (If you would like to submit a comment or complaint about our privacy practices, you can do so by sending a letter outlining your concerns to):

Privacy Officer
We Level Up
1701 Green Rd Suite C
Pompano Beach, FL 33064
USA

Effective Date:     This Notice is effective on or after 01/01/2009

SOCIAL MEDIA ENGAGEMENT DISCLAIMER

You expressly acknowledge that you assume all responsibility related to the security, privacy, and confidentiality risks inherent in sending any content over the internet. By its very nature, a website and the internet cannot be absolutely protected against intentional or malicious intrusion attempts. We Level Up does not control the third party sites and the internet over which you may choose to send confidential personal or health information or other content and, therefore, We Level Up does not warrant safeguard against any such interceptions or compromises to your information. When posting any content on an internet site, you should think carefully about your own privacy in disclosing detailed or private information about yourself and your family. Furthermore, We Level Up does not endorse any product, services, views or content displayed by others on We Level Up social media sites.

By posting any comments, posts or other material on We Level Up blogs or social media sites, you give We Level Up the irrevocable right to reproduce, distribute, publish, display, edit, modify, create derivative works from, and otherwise use your submission for any purpose in any form and on any media.

You agree that you will indemnify We Level Up against any damages, losses, liabilities, judgments, costs or expenses (including attorney’s fees and costs) arising out of a claim by a third party relating to any material you have posted.

When you post a comment to a social media site, including but not limited to: Twitter, Facebook, blogs, multimedia or other user-generated content, it is published for the world to see. For your own privacy and that of your family, you should consider how much detailed personal and medical information is linked to your name.

Information gathered by third party applications may be used for marketing purposes within We Level Up. Information will not be sold or shared.

This policy may be updated at any time without notice, and each time a user accesses a Treatment Center social networking site, the new policy will govern, usage, effective upon posting.

Notice of Privacy Practices for Protected Health Information

[Last modified on May 27, 2021]

Background 

The HIPAA Privacy Rule (45 CFR 164.5) gives individuals the right to be informed of the privacy practices of Ambrosia Treatment Center and to be informed of their privacy rights with respect to their personal health information.  Covered health care providers are required to develop and distribute a notice that provides a clear explanation of these rights and practices. The notice is intended to focus individuals on privacy issues and concerns, and to prompt them to have discussions with their health plans and health care providers and exercise their rights.

Ambrosia Treatment Center reserves the right to change its privacy policy and practices and the terms of this Notice of Privacy Practices, consistent with applicable law and our current business processes, at any time.  Any new Notice of Privacy Practices will be effective for all Privacy Practices that we maintain at that time. Notification of revisions of this Notice of Privacy Practices will be provided as follows:

  1. Upon request;
  2. Electronically via our website or via other electronic means; and
  3. As posted in our place of business.

In addition to the above, we have a duty to respond to your requests (e.g. those corresponding to your rights) in a timely and appropriate manner. We support and value your right to privacy and are committed to maintaining reasonable and appropriate safeguards.

How the Rule Works

General Rule. The Privacy Rule provides that an individual has a right to adequate notice of how a covered entity may use and disclose protected health information about the individual, as well as his or her rights and the covered entity’s obligations with respect to that information. Most covered entities must develop and provide individuals with this notice of their privacy practices.

Content of the Notice. Covered entities are required to provide a notice in plain language that describes:

  • How the covered entity may use and disclose protected health information about an individual.
  • The individual’s rights with respect to the information and how the individual may exercise these rights, including how the individual may complain to the covered entity.
  • The covered entity’s legal duties with respect to the information, including a statement that the covered entity is required by law to maintain the privacy of protected health information.
  • Whom individuals can contact for further information about the covered entity’s privacy policies.

The notice must include an effective date. See 45 CFR 164.520(b) for the specific requirements for developing the content of the notice. A covered entity is required to promptly revise and distribute its notice whenever it makes material changes to any of its privacy practices. See 45 CFR 164.520(b)(3), 164.520(c)(1)(i)(C) for health plans, and 164.520(c)(2)(iv) for covered health care providers with direct treatment relationships with individuals.

Providing the Notice.

  • A covered entity must make its notice available to any person who asks for it.
  • A covered entity must prominently post and make available its notice on any web site it maintains that provides information about its customer services or benefits.
  • Health Plans must also:
    • Provide the notice to individuals then covered by the plan no later than April 14, 2003 (April 14, 2004, for small health plans) and to new enrollees at the time of enrollment.
    • Provide a revised notice to individuals then covered by the plan within 60 days of a material revision.
    • Notify individuals then covered by the plan of the availability of and how to obtain the notice at least once every three years.
  • Covered Direct Treatment Providers must also:
    • Provide the notice to the individual no later than the date of first service delivery (after the April 14, 2003 compliance date of the Privacy Rule) and, except in an emergency treatment situation, make a good faith effort to obtain the individual’s written acknowledgment of receipt of the notice. If an acknowledgment cannot be obtained, the provider must document his or her efforts to obtain the acknowledgment and the reason why it was not obtained.
    • When first service delivery to an individual is provided over the Internet, through e-mail, or otherwise electronically, the provider must send an electronic notice automatically and contemporaneously in response to the individual’s first request for service. The provider must make a good faith effort to obtain a return receipt or other transmission from the individual in response to receiving the notice.
    • In an emergency treatment situation, provide the notice as soon as it is reasonably practicable to do so after the emergency situation has ended. In these situations, providers are not required to make a good faith effort to obtain a written acknowledgment from individuals.
    • Make the latest notice (i.e., the one that reflects any changes in privacy policies) available at the provider’s office or facility for individuals to request to take with them, and post it in a clear and prominent location at the facility.
  • A covered entity may e-mail the notice to an individual if the individual agrees to receive an electronic notice. See 45 CFR 164.520(c) for the specific requirements for providing the notice.

Organizational Options.

  • Any covered entity, including a hybrid entity or an affiliated covered entity, may choose to develop more than one notice, such as when an entity performs different types of covered functions (i.e., the functions that make it a health plan, a health care provider, or a health care clearinghouse) and there are variations in its privacy practices among these covered functions. Covered entities are encouraged to provide individuals with the most specific notice possible.
  • Covered entities that participate in an organized health care arrangement may choose to produce a single, joint notice if certain requirements are met. For example, the joint notice must describe the covered entities and the service delivery sites to which it applies. If any one of the participating covered entities provides the joint notice to an individual, the notice distribution requirement with respect to that individual is met for all of the covered entities. See 45 CFR 164.520(d).

Uses and Disclosures

Uses and disclosures of your PHI may be permitted, required, or authorized. The following categories describe various ways that we use and disclose PHI.

Among Treatment Center Personnel. We may use or disclose information between or among personnel having a need for the information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment of alcohol or drug abuse, provided such communication is: (i) Within the treatment center; or (ii) Between the treatment center and its related caretakers. For example, our staff, including doctors, nurses, and clinicians, will use your PHI to provide your treatment care. Your PHI may be used in connection with billing statements we send you and in connection with tracking charges and credits to your account. Your PHI will be used to check for eligibility for insurance coverage and prepare claims for your insurance company where appropriate. We may use and disclose your PHI in order to conduct our healthcare business and to perform functions associated with our business activities, including accreditation and licensing.

Secretary of Health and Human Services. We are required to disclose PHI to the Secretary of the U.S. Department of Health and Human Services when the Secretary is investigating or determining our compliance with the HIPAA Privacy Rules.

Business Associates. We may disclose your PHI to Business Associates that are contracted by us to perform services on our behalf which may involve receipt, use or disclose of your PHI. All of our Business Associates must agree to: (i) Protect the privacy of your PHI; (ii) Use and disclose the information only for the purposes for which the Business Associate was engaged; (iii) Be bound by 42 CFR Part 2; and (iv) if necessary, resist in judicial proceedings any efforts to obtain access to patient records except as permitted by law.

Crimes on Premises. We may disclose to law enforcement officers information that is directly related to the commission of a crime on the premises or against our personnel or to a threat to commit such a crime.

Reports of Suspected Child Abuse and Neglect. We may disclose information required to report under state law incidents of suspected child abuse and neglect to the appropriate state or local authorities. However, we may not disclose the original patient records, including for civil or criminal proceedings which may arise out of the report of suspected child abuse and neglect, without consent.

Court Order. We may disclose information required by a court order, provided certain regulatory requirements are met.

Emergency Situations. We may disclose information to medical personnel for the purpose of treating you in an emergency.

Research. We may use and disclose your information for research if certain requirements are met, such as approval by an Institutional Review Board.

Audit and Evaluation Activities. We may disclose your information to persons conducting certain audit and evaluation activities, provided the person agrees to certain restrictions on disclosure of information.

Reporting of Death. We may disclose your information related to cause of death to a public health authority that is authorized to receive such information.

Authorization to Use or Disclose PHI

Other than as stated above, we will not use or disclose your PHI other than with your written authorization. Subject to compliance with limited exceptions, we will not use or disclose psychotherapy notes, use or disclose your PHI for remarketing purposes, or sell your PHI to outside third parties unless you have signed an authorization. If you or your representative authorize us to use or disclose your PHI, you may revoke that authorization in writing at any time to stop future uses or disclosures. We will honor oral revocations upon authenticating your identity until a written revocation is obtained. Your revocation will not affect any use or disclosures permitted by your authorization while it was in effect.

Patient/Client Rights

The following are the rights that you have regarding PHI that we maintain about you. Information regarding how to exercise those rights is also provided. Protecting your PHI is an important part of the services we provide you. We want to ensure that you have access to your PHI when you need it and that you clearly understand your rights as described below.

Right to Notice

You have the right to adequate notice of the uses and disclosures of your PHI, and our duties and responsibilities regarding same, as provided for herein. You have the right to request both a paper and electronic copy of this Notice. You may ask us to provide a copy of this Notice at any time. You may obtain this Notice on our website at www.welevelup.com or from facility staff or our Compliance staff.

Right of Access to Inspect and Copy

You have the right to access, inspect and obtain a copy of your PHI for as long as we maintain it as required by law. This right may be restricted only in certain limited circumstances as dictated by applicable law. All requests for access to your PHI must be made in writing. Under a limited set of circumstances, we may deny your request. Any denial of a request to access will be communicated to you in writing. If you are denied access to your PHI, you may request that the denial be reviewed. Another licensed health care professional chosen by us will review your request and the denial. The person conducting the review will not be the person who denied your request. We will comply with the decision made by the designated professional. If you are further denied, you have a right to have a denial reviewed by a licensed third-party healthcare professional (i.e. one not affiliated with us). We will comply with the decision made by the designated professional.

We may charge a reasonable, cost-based fee for the copying and/or mailing process of your request. As to PHI which may be maintained in electronic form and format, you may request a copy to which you are otherwise entitled in that electronic form and format if it is readily producible, but if not, then in any readable form and format as we may agree (e.g. PDF). Your request may also include transmittal directions to another individual or entity.

Right to Amend

If you believe the PHI we have about you is incorrect or incomplete, you have the right to request that we amend your PHI for as long as it is maintained by us. The request must be made in writing and you must provide a reason to support the requested amendment. Under certain circumstances we may deny your request to amend, including but not limited to, when the PHI: 1. Was not created by us; 2. Is excluded from access and inspection under applicable law; or 3. Is accurate and complete. If we deny amendment, we will provide the rationale for denial to you in writing. You may write a statement of disagreement if your request is denied. This statement will be maintained as part of your PHI and will be included with any disclosure. If we accept the amendment we will work with you to identify other healthcare stakeholders that require notification and provide the notification.

Right to Request an Accounting of Disclosures

We are required to create and maintain an accounting (list) of certain disclosures we make of your PHI. You have the right to request a copy of such an accounting during a time period specified by applicable law prior to the date on which the accounting is requested (up to six years). You must make any request for an accounting in writing. We are not required by law to record certain types of disclosures (such as disclosures made pursuant to an authorization signed by you), and a listing of these disclosures will not be provided. If you request this accounting more than once in a 12-month period, we may charge you a reasonable, cost-based fee for responding to these additional requests. We will notify you of the fee to be charged (if any) at the time of the request.

Right to Request Restrictions

You have the right to request restrictions or limitations on how we use and disclose your PHI for treatment, payment, and operations. We are not required to agree to restrictions for treatment, payment, and healthcare operations except in limited circumstances as described below. This request must be in writing. If we do agree to the restriction, we will comply with restriction going forward, unless you take affirmative steps to revoke it or we believe, in our professional judgment, that an emergency warrants circumventing the restriction in order to provide the appropriate care or unless the use or disclosure is otherwise permitted by law. In rare circumstances, we reserve the right to terminate a restriction that we have previously agreed to, but only after providing you notice of termination.

Out-of-Pocket Payments

If you have paid out-of-pocket (or in other words, you or someone besides your health plan has paid for your care) in full for a specific item or service, you have the right to request that your PHI with respect to that item or service not be disclosed to a health plan for purposes of payment or healthcare operations, and we are required by law to honor that request unless affirmatively terminated by you in writing and when the disclosures are not required by law. This request must be made in writing.

Right to Confidential Communications

You have the right to request that we communicate with you about your PHI and health matters by alternative means or alternative locations. Your request must be made in writing and must specify the alternative means or location. We will accommodate all reasonable requests consistent with our duty to ensure that your PHI is appropriately protected.

Right to Notification of a Breach

You have the right to be notified in the event that we (or one of our Business Associates) discover a breach involving unsecured PHI.

Right to Voice Concerns

You have the right to file a complaint in writing with us or with the U.S. Department of Health and Human Services if you believe we have violated your privacy rights. Any complaints to us should be made in writing to our Privacy Official at the address listed below We will not retaliate against you for filing a complaint.

Questions, Requests for Information, and Complaints

For questions, requests for information, more information about our privacy policy or concerns, please contact us. Our company Chief Compliance Officer can be contacted at:

By Mail:
Privacy Officer
We Level Up
1701 Green Rd Suite C
Pompano Beach, FL 33064
USA

By Phone: 877-219-2888

By Email: For Customer Service, questions about our Privacy Policy, questions about our Data Use or if you wish to no longer receive information from We Level Up: [email protected]