Privacy Policy
General Privacy Policy
Lumos Youth Counseling (“Company,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information of our clients, website visitors, and any individuals who interact with our services. By using our website and services, you agree to the terms of this policy.
1. Information We Collect
We may collect the following types of information to provide and improve our services:
- Personal Information: Your name, email address, phone number, mailing address, date of birth, gender, and any additional information you choose to provide in forms or during intake.
- Health-Related Information: Any therapy-related details or medical information you voluntarily provide through our forms or sessions.
- Payment Information: Credit card details or banking information if required to process payments for services.
- Non-Personal Information: IP address, browser type, device information, and cookies or tracking data to help us analyze website usage and improve user experience.
2. How We Use Your Information
We use the information we collect for various purposes, including but not limited to:
- Providing therapy and counseling services, including scheduling appointments and communicating with you about those services.
- Improving our website, services, and user experience based on analytics and feedback.
- Processing payments for our services (if applicable).
- Complying with legal obligations and protecting against potential fraud or threats.
- Ensuring the safety of our clients and staff, in accordance with ethical and legal guidelines.
We will never sell or rent your personal information to third parties.
3. How We Share Your Information
We only share your personal information in the ways described below or with your explicit consent.
- Service Providers: We may share information with trusted third-party service providers who assist us with website hosting, payment processing, administrative support, or other functions necessary to deliver our services. These providers are required to protect your information and only use it for authorized purposes.
- Legal Compliance & Safety: We may disclose information if required by law, court order, or to protect the safety of our clients, staff, or the public. This includes responding to valid legal requests by public authorities.
- With Your Consent: We will seek explicit consent before sharing any personal or medical information with individuals or entities not mentioned above.
4. Data Security
We take appropriate measures to protect your personal information, including secure encryption of sensitive data, restricted access to personal information, and regular security audits. However, no system is completely secure, and we cannot guarantee absolute protection against unauthorized access or data breaches.
5. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access & Correction: You can request to review and correct your personal information at any time.
- Data Deletion: You may request the deletion of your personal data, subject to legal and contractual obligations.
- Opt-Out of Communications: You can unsubscribe from marketing emails or update your SMS preferences.
To exercise these rights, please contact us at the information provided below.
6. Children's Privacy
Lumos Youth Counseling is dedicated to protecting children's privacy. We do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If you believe we have inadvertently collected information from a child under 13, please contact us immediately so we can take appropriate measures.
7. Third-Party Links
Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.
8. Changes to This Policy
We reserve the right to update or modify this Privacy Policy at any time. Any changes will be posted on this page with an updated “Effective Date.” Your continued use of our website or services following the posting of changes indicates your acceptance of those changes.
9. Contact Us
If you have any questions or concerns about this Privacy Policy, or if you wish to exercise any of your rights, please contact us at:
- Lumos Youth Counseling
- 14241 South Redwood Rd Suite 300, Building A Bluffdale, Utah 84065
- [email protected]
- (385) 342-2808
Lumos Youth Counseling HIPAA Compliance Policy
1. Purpose
Lumos Youth Counseling is committed to protecting the privacy and security of Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). This policy establishes guidelines to ensure that all staff, contractors, and affiliated entities handle PHI in accordance with federal and state regulations.
2. Scope
This policy applies to all employees, interns, contractors, and business associates of Lumos Youth Counseling who have access to PHI in any form (electronic, paper, or verbal).
3. Definitions
Protected Health Information (PHI): Any information that identifies a client and relates to their health, treatment, or payment for healthcare services.
Covered Entity: Lumos Youth Counseling, as a provider of mental health services.
Business Associate: Any third-party entity that performs services for Lumos Youth Counseling and has access to PHI.
4. Privacy & Security Measures
a. Access to PHI – Only authorized personnel are permitted to access PHI.
Minimum Necessary Rule: Staff must only access the amount of PHI necessary to perform their job functions.
b. Storage & Transmission of PHI – PHI must be stored securely, both physically (locked files) and electronically (password-protected and encrypted systems). Email and electronic communication containing PHI must be encrypted. PHI should not be shared via text messages or unapproved communication platforms.
c. Disclosure of PHI – PHI may only be disclosed with the client's written consent, except in cases required by law (e.g., mandatory reporting, court orders, or medical emergencies). Business Associate Agreements (BAAs) must be in place with all third-party service providers handling PHI.
5. Client Rights
- Request access to their PHI.
- Request amendments to their PHI.
- Receive an accounting of disclosures.
- File a complaint if they believe their privacy rights have been violated.
6. Employee Responsibilities & Training
All employees must complete HIPAA training upon hire and annually thereafter. Any suspected breach of PHI must be reported immediately to the Compliance Officer. Employees must follow all security measures to prevent unauthorized access, use, or disclosure of PHI.
7. Data Breach & Incident Reporting
Any breach or suspected breach of PHI must be reported to the Compliance Officer immediately. The Compliance Officer will assess the breach, mitigate harm, and follow HIPAA breach notification requirements.
8. Violations & Enforcement
Violations of this policy may result in disciplinary action, including termination. Legal consequences, including civil and criminal penalties, may apply for intentional HIPAA violations.
9. Compliance Oversight
Lumos Youth Counseling will conduct periodic audits to ensure HIPAA compliance. The Compliance Officer is responsible for overseeing and updating this policy as needed to remain compliant with HIPAA regulations.
10. Contact Information
For questions or concerns regarding HIPAA compliance, contact: [email protected]
SMS Campaign Data Sharing
We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your Personal Data, including your SMS opt-in or consent status, with third-party service providers that help us deliver our messaging services (such as platform providers and phone companies). All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.