No Insurance Clinic HTX

HIPAA Privacy Policy Statement

No Insurance Clinic HTX

At No Insurance Clinic HTX, protecting your privacy is a core part of how we operate. We understand the responsibility that comes with handling your health information, and we follow strict standards set by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Our systems, processes, and staff training are all built around keeping your information secure and used only for legitimate clinical and operational needs.

How We Protect Your Information

We use secure electronic systems that require unique logins for every authorized team member. Any time your information is viewed, updated, or changed, the system records who accessed it and when. These logs help us maintain accuracy, accountability, and transparency.

Members of our technical team may occasionally come in contact with electronic protected health information (ePHI). Before they are allowed to work with these systems, they complete internal clearance procedures and are assigned secure credentials. These safeguards help ensure that your information remains protected at all times.

Working With Business Associates

Some of the work required to deliver efficient care involves outside vendors or service providers. When these partners need access to your information to assist us, HIPAA requires a formal Business Associate Agreement (BAA).
This agreement requires them to:

  • Use your information only for the service they provide
  • Protect it with strict administrative, physical, and technical safeguards

We only work with partners who meet these standards.

Our Privacy Commitment

Your health information is personal, and we take our duty to protect it seriously. We are required by law to safeguard your protected health information (PHI), inform you of your privacy rights, and follow the policies described in this notice. If updates to our privacy practices ever become necessary, we will revise this notice and apply the new version to all PHI we maintain.

Below is a detailed summary of how your information may be used and shared as part of the care and services we provide.

How Your Information May Be Used or Shared Without Your Written Permission

Treatment

Your information may be shared among our clinical team—doctors, nurses, and supporting staff—so they can coordinate your care, review your medical needs, and provide appropriate treatment.

Payment

We may share limited information with payers or entities involved in billing to process payment for services you receive.

Health Care Operations

We may use your information to support essential clinic operations, such as quality reviews, training staff, managing billing processes, or improving how we deliver care.

Health Information Exchanges

To support continuity of care, we may participate in secure electronic networks that allow providers to share relevant patient information.
If you prefer not to participate, you can request to opt out at any time.

People Helping With Your Care

If you do not object, we may share necessary information with a family member, caregiver, or someone involved in assisting you or handling your payment.

Fundraising Communication

At times, we may contact you regarding clinic-supported fundraising efforts. You may opt out of these messages by emailing info@noinsuranceclinichtx.com.

General Communication With You

We may reach out about appointments, test results, billing matters, or other care-related updates through the contact details you provide. This may include phone calls, emails, or text messages.
Messaging rates may apply, and electronic communication may not be fully secure.

Research

When allowed by law, some PHI may be used for approved research projects. When required, we will ask for your authorization first.

Business Associates

Vendors assisting us with operational or administrative tasks may receive limited PHI as needed. These entities must follow HIPAA rules and protect your information just as we do.

Other Situations Required by Law

We may be required or permitted to share information in situations such as:

  • Public health reporting
  • Suspected abuse or neglect
  • Oversight audits and inspections
  • Emergency situations where safety is at risk
  • Court orders or legal inquiries
  • Law enforcement requests
  • Medical examiner or coroner needs
  • Organ donation coordination
  • National security or protective service purposes
  • Workers’ compensation claims

Uses That Require Your Authorization

We will ask for your written permission before using or sharing your information for:

  • Most psychotherapy notes
  • Marketing activities
  • Any disclosure that involves payment or sale of PHI
  • Certain types of research
  • Sensitive categories such as mental health, substance use treatment, or HIV-related information, unless permitted by law

You may revoke your authorization at any time in writing.

Your Rights

Right to Access

You may request to review or receive a copy of your medical records in paper or electronic form. Fees may apply as allowed by law.
To request access, please contact info@noinsuranceclinichtx.com.

Right to Request a Correction

If you believe part of your record is incomplete or inaccurate, you may submit a written request explaining what needs to be updated.

Right to an Accounting of Disclosures

You may ask for a list of certain disclosures we’ve made in the past six years, excluding those related to treatment, payment, or general operations.

Right to Request Restrictions

You may ask us to limit how your information is used or shared. While we cannot guarantee all restrictions, we will consider each request carefully.

Right to Restrict Health Plan Disclosure

If you pay for a service in full out-of-pocket, you may request that we do not share details of that visit with your health plan.

Right to Confidential Communication

You may request that we contact you in a specific way or at a specific location.

Right to Breach Notification

If your PHI is ever involved in a security breach, we will notify you promptly and no later than 60 days after discovering the incident.