1. Introduction & Our Commitment to Privacy

Advent Group Ministries (“we,” “us,” “our”) is dedicated to protecting the privacy and confidentiality of your health information. This Notice describes how we may use and disclose your protected health information (PHI) in the course of providing individual, couples, family, or group therapy, including via telehealth, and it outlines your rights under the federal law Health Insurance Portability and Accountability Act of 1996 (HIPAA) regarding your PHI.

We are required by law to:

• Maintain the privacy of your PHI;

• Provide you with this Notice of our legal duties and privacy practices with respect to PHI;

• Abide by the terms of this Notice as currently in effect;

• Notify you in the event of a breach of your unsecured PHI.

If we materially change our privacy practices, we will revise this Notice. The new version will apply to PHI we already maintain, and we will make the revised Notice available in our offices and on our website.

 

2. Definitions & Key Concepts

• Protected Health Information (PHI): Individually identifiable health information, in any form, that relates to your past, present, or future physical or mental health condition; the provision of health care services; or payment for such services.
• Use: When we access, analyze, handle, or internally share PHI within our agency.
• Disclosure: When we release, transfer, or share PHI with outside parties.
• Psychotherapy Notes: Notes your therapist keeps separate from the rest of your record about your conversations during a session; these are subject to stricter protections under HIPAA.
• Telehealth / Teletherapy: The delivery of therapy services using electronic communications (e.g., video, audio) when you and your therapist are not physically in the same location.

 

3. How We May Use and Disclose PHI Without Your Authorization

The following are permitted uses and disclosures under HIPAA. We will limit uses and disclosures to the minimum necessary to achieve the intended purpose, except for treatment disclosures.

 

A. For Treatment

We may use and disclose PHI to provide, coordinate, manage, or facilitate your therapy, including:

•  Communication among your therapists, supervisors, or consulting professionals;

• Referrals or consultation with other behavioral health or medical providers, with attention to the minimum necessary standard;

• Use of telehealth platforms and tools, with safeguards to protect your privacy.

Telehealth Consent:
Before initiating telehealth services, we will obtain your informed consent, either verbally or in writing, in accordance with California law. This includes informing you of your right to in-person services, the voluntary nature of telehealth, and any limitations or risks associated with remote care—such as technology failures, privacy concerns, or the need for follow-up in-person visits. We will also discuss available transportation options if in-person care becomes necessary.

 

B. For Payment

We may use and disclose PHI so that we can bill, obtain payment, or coordinate payment for the therapy services we provide, including to your insurance company or third-party payer, to verify coverage or eligibility, and for claims adjudication.

 

C. For Health Care Operations

We may use or disclose PHI for internal operations necessary to run our practice, including:
• Quality improvement, audits, compliance, and risk management;
• Staff training, supervision, credentialing;
• Business management and administrative activities.

 

D. Appointment Reminders & Treatment Alternatives

We may use PHI to send you reminders of upcoming appointments, to provide you with information about treatment options, or to inform you about health-related benefits or services.

 

E. When Required or Permitted by Law (without authorization)

We may disclose PHI without authorization in certain situations, including:

• Required by law: e.g. reporting child abuse, elder abuse, or threats to public health or safety;

• Law enforcement or legal proceedings: when permitted by law (e.g., subpoena, court order);

• Health oversight: to regulatory, licensing, auditing, or compliance agencies;

• Serious threat: when required to prevent or lessen a serious and imminent threat to the health or safety of you or others;

• Coroner, funeral, organ donation: as needed;

• Public health activities: e.g. disease reporting, FDA oversight;

• Military, national security, or other special governmental functions.

Psychiatric Emergencies & Involuntary Holds (California Welfare & Institutions Code §§5000 et seq.)
Under the Lanterman-Petris-Short (LPS) Act, individuals may be placed on a 72-hour involuntary hold (a “5150”) if they are determined to be a danger to themselves, a danger to others, or gravely disabled due to a mental disorder. Following evaluation, longer holds (such as a 14-day “5250”) may occur. During such situations, disclosure of PHI may be necessary for evaluation, treatment, or coordination with designated facilities and professionals, consistent with HIPAA and California law. Individuals retain due process rights, including notice and access to legal representation. All disclosures during LPS proceedings will comply with both federal and state confidentiality standards.

 

F. Psychotherapy Notes & Specialized Disclosures

Psychotherapy notes are subject to more stringent protections. Except in very limited circumstances (or as required by law), we must obtain your separate written authorization to use or disclose your psychotherapy notes.

Additionally, if disclosures are sought outside of treatment, payment, or operations (e.g. to a third party), an authorization is generally required.

 

4. Uses and Disclosures With Your Written Authorization

For any use or disclosure of PHI not otherwise permitted under HIPAA (e.g. to a non-treating third party, marketing, or research), we must first obtain your written authorization. You may revoke your authorization in writing at any time, except to the extent that we have already acted in reliance on it.

 

5. Your Rights Concerning Your PHI

Under HIPAA, you have the following rights (subject to certain limitations and applicable state law):

1. Right to Inspect and Copy: You may request to see or obtain a copy (paper or electronic) of your PHI maintained in our designated record sets, usually within 30 days.

2. Right to Amend: You may request that we amend your PHI if you believe it is incomplete or incorrect, with an explanation. We may deny your request under certain conditions.

3. Right to an Accounting of Disclosures: You may request a list (“accounting”) of non-routine disclosures of your PHI (beyond treatment, payment, and health care operations) over the past six years (or shorter period if state law requires).

4. Right to Request Restrictions: You may ask us to restrict how we use or disclose your PHI for treatment, payment, or operations. We are not required to agree, except in the case where you pay out-of-pocket in full for a service and ask us not to share that PHI with your insurer — in that circumstance, if we agree, we must honor the restriction.

5. Right to Confidential Communications: You may request that communications be made to you by alternative means or at an alternate location (e.g., a different mailing address). We will accommodate reasonable requests.

6. Right to a Paper Copy of this Notice: You may request a paper copy of this Notice even if you have agreed to receive it electronically.

7. Right to Choose Someone to Act for You: If you have a legal representative or guardian, they may exercise your rights under this Notice (with verification).

8. Right to be Notified of a Breach: We will notify you if there is a breach of your unsecured PHI as required by law.

 

6. Additional Privacy Practices

 

A. Group Therapy Confidentiality

While we are committed to protecting your PHI under HIPAA and California confidentiality laws, please note that confidentiality among group therapy participants cannot be guaranteed. We ask all members to respect each other’s privacy; however, because we do not control participants’ actions, disclosures made during group sessions may not remain confidential. This limitation is recognized by California behavioral health guidance, which clarifies that peer-to-peer confidentiality in group settings is not legally enforceable by the provider.

 

B. Minor Consent & Parental Access (California Law)

In accordance with California Family Code §6924 and Health & Safety Code §124260, minors aged 12 and older may consent to outpatient mental health treatment if, in the judgment of the treating professional, they are mature enough to participate intelligently.
While parental involvement is encouraged, a clinician may determine—after consulting with the minor—that involving a parent or guardian would be inappropriate or harmful. In such cases, we will document the rationale. Parents generally may not access the minor’s records if doing so would compromise the minor’s safety or therapeutic progress, as permitted under California law.

 

C. California Mental Health Confidentiality Laws

California’s mental health confidentiality laws (Welfare & Institutions Code §§5328 et seq.) provide stronger protections than HIPAA in some cases. All records and information obtained during mental health treatment—voluntary or involuntary—are confidential. Disclosure is only permitted:
• Between qualified professionals for treatment or referral;
• With patient consent, or the consent of a legal guardian or conservator;
• For certain juvenile dependents, to social workers or probation officers, but not for criminal use unless otherwise permitted by law.

Unauthorized disclosure may result in legal penalties under California law.

 

7. How to Exercise Your Rights and Contact Us

To exercise any of the above rights, make a request in writing to:

Chief Operating Officer
Advent Group Ministries
90 Great Oaks Blvd. #108
San Jose, CA 95119
(408) 281-0708

We will respond to your request within the timeframe required by law (30 days; may extend by 30 days with notice). If we deny your request, we will provide a written explanation of the reasons and your rights to appeal.

 

8. Complaints

If you believe your privacy rights have been violated, you may file a complaint with us (via the Chief Operating Officer) or with the U.S. Department of Health and Human Services Office for Civil Rights. We will not retaliate against you for filing a complaint.

U.S. Department of Health & Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
HHS OCR Hotline: 1-877-696-6775
Website: https://www.hhs.gov/ocr/privacy/hipaa/complaints

 

9. Miscellaneous

• Minimum Necessary Standard: Except for disclosures for treatment, we will make a reasonable effort to limit PHI used or disclosed to the minimum amount necessary.
• State Law May Provide Greater Protections: Where California law or other applicable state mental health confidentiality rules are more protective than HIPAA, we will follow the stricter standard.
• Business Associates: Some services may be performed on our behalf by third parties (e.g. billing, electronic record hosting). We have contracts ensuring they protect PHI consistent with HIPAA.
• Telehealth Safeguards: In delivering services via telehealth, we implement reasonable technical and administrative safeguards (e.g., encrypted platforms, secure connections, and informed consent regarding privacy risks).