REVIVE WELLNESS LLC

NOTICE OF PRIVACY PRACTICES

Effective Date: 1/24/2026
Last Updated: 1/24/2026

REVIVE WELLNESS LLC
2255 Crain Highway Suite 105
Waldorf, MD 20601
Phone: 301.609.2675
Email: info@revivewellnesscenter.org

________________________________________________________________________________

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

________________________________________________________________________________

NOTICE OF PRIVACY PRACTICES

Effective Date: 1/24/2026

Last Updated: 1/24/2026

REVIVE WELLNESS LLC

2255 Crain Highway Suite 105

Waldorf, MD 20601

Phone: 301.609.2675

Email: info@revivewellnesscenter.org

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. OUR COMMITMENT TO YOUR PRIVACY

REVIVE WELLNESS LLC is committed to protecting the privacy and confidentiality of your personal and health information. This Notice of Privacy Practices describes how we may use and disclose your Protected Health Information (PHI) to carry out treatment, payment, or healthcare operations, and for other purposes permitted or required by law. It also describes your rights regarding your health information.

We are required by law to:

· Maintain the privacy of your Protected Health Information

· Provide you with this Notice of our legal duties and privacy practices

· Follow the terms of the Notice currently in effect

· Notify you if we are unable to agree to a requested restriction

· Accommodate reasonable requests to communicate health information by alternative means or locations

This Notice applies to all services provided by REVIVE WELLNESS LLC in the District of Columbia, Maryland, Virginia, and Florida.

2. SCOPE OF SERVICES

This Notice applies to all services provided by our practice, including:

· Individual, couples, family, and group psychotherapy

· DOT Substance Abuse Professional (SAP) evaluations and services

· Court-ordered assessments and evaluations

· Fitness-for-duty evaluations

· Employee Assistance Program (EAP) services

· Substance abuse treatment and education programs

· Conflict mediation and resolution services

· Executive and professional coaching

· Behavioral health compliance consulting

· Educational courses and workshops

· Telehealth/virtual counseling services

3. PROTECTED HEALTH INFORMATION (PHI)

Protected Health Information includes any information that identifies you and relates to your:

· Past, present, or future physical or mental health condition

· Healthcare services provided to you

· Payment for healthcare services

Examples include:

· Demographic information (name, address, date of birth, Social Security number)

· Clinical assessments and diagnoses

· Treatment plans and progress notes

· Medical and mental health history

· Substance use history and test results

· Psychotherapy notes (specially protected)

· Billing and insurance information

· Court referral documentation

· DOT SAP evaluation results

4. HOW WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION

4.1 Uses and Disclosures for Treatment, Payment, and Healthcare Operations

We may use or disclose your PHI without your written authorization for the following purposes:

TREATMENT

· Providing, coordinating, or managing your healthcare and related services

· Consultation with other healthcare providers involved in your care

· Referrals to other practitioners or specialists

· Clinical supervision and case consultation

· Coordination of care between our multi-state locations

Example: We may share information with your physician to coordinate integrated care for substance abuse treatment.

PAYMENT

· Obtaining payment for services provided

· Billing and collection activities

· Submitting claims to your health insurance company

· Verifying insurance coverage and benefits

· Payment processing and financial management

Example: We may disclose your diagnosis and treatment dates to your insurance company to obtain payment for services.

HEALTHCARE OPERATIONS

· Quality assessment and improvement activities

· Staff training and supervision

· Credentialing and licensing activities

· Compliance with legal and regulatory requirements

· Business planning and development

· Customer service activities

· Resolution of internal grievances

Example: We may use your information in training sessions to improve the quality of care, with all identifying information removed.

4.2 Uses and Disclosures That Require Your Written Authorization

The following uses and disclosures require your specific written authorization:

· Psychotherapy Notes: Most uses and disclosures of psychotherapy notes (personal notes kept separate from your medical record)

· Marketing: Communications about products or services that encourage you to purchase or use them

· Sale of PHI: Any disclosure that constitutes a sale of your information

· Other Purposes: Any use or disclosure not described in this Notice

You have the right to revoke any authorization in writing at any time, except to the extent we have already acted in reliance on it.

4.3 Uses and Disclosures Without Authorization (As Required or Permitted by Law)

We may use or disclose your PHI without your authorization in the following circumstances:

MANDATORY REPORTING

Child Abuse or Neglect: When we have reasonable cause to suspect child abuse or neglect, we are required by law to report this information to the appropriate state child protective services agency.

Elder or Dependent Adult Abuse: When we have reasonable cause to suspect abuse, neglect, or exploitation of an elder or dependent adult, we must report to Adult Protective Services.

Threats of Harm: When you communicate a serious threat of physical violence against a reasonably identifiable victim or yourself, we may disclose information to law enforcement, the potential victim, and/or emergency services.

Court Orders and Legal Proceedings: When required by a court order, subpoena, warrant, or other legal process, we may disclose information as directed by the court.

DOT SUBSTANCE ABUSE PROFESSIONAL SERVICES

If you are receiving DOT SAP services, federal regulations require specific disclosures:

· SAP evaluation results must be reported to your employer's Designated Employer Representative (DER)

· Return-to-duty evaluation results must be provided to the employer

· Follow-up testing plans and compliance must be reported

· Reports to the Medical Review Officer (MRO) regarding your participation

· Communication with treatment providers regarding your compliance

These DOT-mandated disclosures do not require your separate written authorization, as they are required by federal transportation safety regulations (49 CFR Part 40).

COURT-ORDERED EVALUATIONS

When services are court-ordered:

· Evaluation results and recommendations will be provided to the referring court

· Compliance with court-mandated treatment will be reported as required

· Information may be shared with probation officers, attorneys, or other court-designated parties

· The court, not the client, is typically considered the "client" for evaluation services

OTHER PERMITTED DISCLOSURES

Law Enforcement: In response to a court order, warrant, subpoena, or similar legal process; to identify or locate a suspect or fugitive; about victims of crime under limited circumstances; about deaths we believe may have resulted from criminal conduct.

Health Oversight Activities: To federal or state agencies for activities such as audits, investigations, licensure, and disciplinary actions.

Public Health: To public health authorities for purposes such as preventing or controlling disease, injury, or disability; reporting adverse events or product defects; and notifying persons of recalls.

Coroners and Medical Examiners: For identification purposes, determining cause of death, or performing other duties authorized by law.

Research: For research purposes when approved by an institutional review board that has reviewed the research proposal and established protocols to protect privacy.

Workers' Compensation: When necessary to comply with workers' compensation or similar programs that provide benefits for work-related injuries or illness.

Military and Veterans: If you are a member of the armed forces, we may disclose information as required by military command authorities.

National Security and Intelligence: To authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.

Correctional Institutions: If you are an inmate or under custody of law enforcement, we may disclose information to the correctional institution or law enforcement official for certain purposes.

Business Associates: We may disclose information to our business associates (such as billing companies, electronic health record vendors, or attorneys) who perform services on our behalf. These business associates are required by contract to safeguard your information.

5. YOUR RIGHTS REGARDING YOUR HEALTH INFORMATION

You have the following rights regarding your Protected Health Information:

5.1 Right to Inspect and Copy

You have the right to inspect and obtain a copy of your health information that may be used to make decisions about your care, including:

· Medical and billing records

· Treatment plans and progress notes

· Assessment reports

Important Exceptions:

· Psychotherapy notes are not available for copying

· Information compiled for legal proceedings

· Information restricted by law

· Information that your provider determines may endanger you or another person

Process:

· Submit a written request to our Privacy Officer

· We will respond within 30 days (or 60 days if records are stored off-site)

· We may charge a reasonable fee for copying, mailing, and supplies

· We may provide a summary instead of full copies if you agree in advance

5.2 Right to Amend

If you believe information in your record is incorrect or incomplete, you may request an amendment.

Process:

· Submit a written request identifying what information you want changed and why

· We will respond within 60 days

· We may deny your request if the information is accurate and complete, was not created by us, is not available for inspection, or was not created by our practice

If Denied:

· You may submit a written statement of disagreement

· We may prepare a rebuttal

· Both statements will be included with your records

5.3 Right to an Accounting of Disclosures

You have the right to receive a list of certain disclosures we have made of your PHI within the past six years (or shorter period if you request).

The accounting will include:

· Date of disclosure

· Name of person or organization receiving information

· Brief description of information disclosed

· Purpose of disclosure

Exceptions (not included in accounting):

· Disclosures for treatment, payment, or healthcare operations

· Disclosures made to you or with your authorization

· Disclosures for national security or intelligence purposes

· Disclosures to correctional institutions or law enforcement

· Disclosures that occurred prior to April 14, 2003

Process:

· Submit a written request

· First accounting in a 12-month period is free

· We may charge a reasonable fee for additional requests

· We will respond within 60 days

5.4 Right to Request Restrictions

You have the right to request restrictions on how we use or disclose your information for treatment, payment, or healthcare operations. You may also request limits on disclosures to family members or others involved in your care.

Important Information:

· We are not required to agree to your request

· If we do agree, we will comply unless the information is needed for emergency treatment

· You must make your request in writing

Special Right:

If you pay for services out-of-pocket in full, you have the right to request that we not disclose information about those services to your health insurance plan for payment or healthcare operations purposes. We must agree to this request unless disclosure is required by law.

5.5 Right to Request Confidential Communications

You have the right to request that we communicate with you about health matters in a certain way or at a certain location.

Examples:

· Request that we call you at work instead of home

· Request communications be sent to a P.O. Box instead of street address

· Request that we not leave voicemail messages

Process:

· Submit a written request specifying how or where you wish to be contacted

· We will accommodate reasonable requests

· We may ask for information about how payment will be handled

5.6 Right to a Paper Copy of This Notice

You have the right to receive a paper copy of this Notice at any time, even if you have previously received an electronic copy or agreed to receive it electronically.

How to Obtain a Copy:

· Request a copy from any staff member during your visit

· Contact our Privacy Officer

· Download from our website (when available)

5.7 Right to Be Notified of a Breach

You have the right to be notified if there is a breach of your unsecured PHI. We will notify you without unreasonable delay and no later than 60 days following discovery of a breach.

5.8 Right to Receive Notice of Privacy Practices

You have the right to receive this Notice at your first service session. For ongoing treatment, you have the right to receive any revised Notice.

6. SPECIAL PROTECTIONS FOR CERTAIN TYPES OF INFORMATION

6.1 Psychotherapy Notes

Psychotherapy notes are notes recorded by a mental health professional documenting or analyzing the contents of conversation during a private counseling session. These notes are kept separate from the rest of your medical record and have special protection under federal law.

We will not disclose psychotherapy notes without your written authorization except:

· For our own training programs

· To defend ourselves in legal proceedings brought by you

· As required by law (such as mandatory reporting of abuse)

· To the coroner or medical examiner after your death

· To avert a serious and imminent threat to health or safety

6.2 Mental Health and Substance Abuse Records

Mental health and substance abuse treatment records have additional protections under federal law (42 CFR Part 2) and state law. Information related to substance abuse treatment is particularly protected and generally cannot be disclosed without your written consent except in limited circumstances.

6.3 HIV/AIDS Information

Information about HIV/AIDS status has special protection under state law and will not be disclosed without your specific written authorization except as required or permitted by law.

6.4 Genetic Information

We will not use or disclose genetic information for underwriting purposes.

7. MINORS AND PARENTAL RIGHTS

7.1 General Rule

In most cases, parents or legal guardians have the right to access the health information of their minor children (under age 18).

7.2 Exceptions

State law may limit parental access in certain situations:

· When the minor consents to care and parental consent is not required under law

· When the minor obtains care at the direction of a court or person appointed by the court

· When parental access would have a detrimental effect on our professional relationship with the minor or the minor's physical safety or well-being

7.3 Adolescent Confidentiality

We believe that therapy is most effective when adolescents (typically ages 13-17) have some degree of privacy. We will discuss confidentiality boundaries with both the minor and parents/guardians at the outset of treatment, including:

· What information will be shared with parents

· What information will remain confidential

· Exceptions to confidentiality (safety concerns, abuse, court orders)

8. TELEHEALTH SERVICES

When providing services via telehealth/teletherapy:

Technology and Security:

· We use HIPAA-compliant video conferencing platforms with encryption

· While we implement appropriate safeguards, no internet transmission is 100% secure

· You are responsible for ensuring your own privacy during sessions (private location, secure internet connection)

Your Responsibilities:

· Provide accurate contact and location information

· Ensure you are in a private, confidential space

· Have a backup plan for technical difficulties

· Understand that emergency services may be limited in a telehealth context

Our Limitations:

· We cannot guarantee the complete security of electronic communications

· Sessions may be interrupted or affected by technical issues

· Response time for electronic communications may vary

9. ELECTRONIC COMMUNICATIONS

9.1 Email Communication

Email is not a secure method of communication. We recommend limiting email to administrative matters such as appointment scheduling. Clinical information should not be sent via unencrypted email.

If you choose to communicate via email:

· We cannot guarantee confidentiality

· Messages may be printed and placed in your clinical record

· We will respond to emails within 48 business hours when possible

9.2 Text Messaging

SMS Terms of Service

By opting into SMS from a web form or other medium, you are agreeing to receive SMS messages from Revive Wellness. This includes SMS messages for conversations (external). Message frequency varies. Message and data rates may apply. See privacy policy at https://www.revivewellnesscenter.org. Message HELP for help. Reply STOP to any message to opt out.

Messaging frequency may vary.

Message and data rates may apply.
To opt out at any time, text STOP.
For assistance, text HELP or visit our website at https://www.revive-wellness-centers.com/.
Visit https://www.revivewellnesscenter.org for privacy policy and https://WWW.REVIVEWELLNESSCENTER.ORG for Terms of Service.

Text messages are not secure and should only be used for appointment reminders and scheduling. Do not send clinical information via text message.

9.3 Social Media

We do not accept friend or contact requests from current or former clients on social networking sites to maintain appropriate professional boundaries and protect your confidentiality.

10. CLIENTS INVOLVED IN LITIGATION

If you are involved in divorce, custody, or other legal proceedings, we will not provide evaluations or expert witness testimony in such matters. If your records are subpoenaed, we will assert all applicable legal privileges unless you sign a valid authorization directing us to release records.

Important Information:

· Court-ordered evaluations are different from therapy and have different confidentiality rules

· Therapy records may not be helpful in legal proceedings and may even be harmful

· We can provide you with referrals to evaluators who specialize in forensic services

11. EMERGENCY SITUATIONS

In an emergency situation where you are unable to provide authorization, we may use or disclose your PHI if we determine in our professional judgment that the disclosure is in your best interest. We will only disclose information that is directly relevant to the person's involvement in your care.

12. RESEARCH

We may use or disclose your PHI for research purposes only when:

· An Institutional Review Board has approved the research project

· You have provided written authorization

· The research involves only a review of records or obtaining information from records

· The research is conducted on decedent information

· An Institutional Review Board has waived the authorization requirement and privacy protections are in place

13. DATA SECURITY AND SAFEGUARDS

We maintain physical, electronic, and administrative safeguards to protect your information:

Physical Safeguards:

· Locked filing cabinets for paper records

· Secure office with controlled access

· Visitor sign-in procedures

· Secure document destruction (shredding)

Electronic Safeguards:

· Encrypted electronic health records systems

· Password-protected computers and devices

· Firewall and antivirus protection

· Regular security updates and patches

· Automatic logout after periods of inactivity

· Secure, encrypted email when available

· HIPAA-compliant cloud storage with encryption

Administrative Safeguards:

· Staff training on HIPAA and confidentiality

· Business associate agreements with all vendors

· Regular security risk assessments

· Privacy and security policies and procedures

· Designated Privacy and Security Officer

· Incident response procedures

14. RETENTION OF RECORDS

We retain health records in accordance with federal and state law requirements:

· Adult Records: Minimum of 7 years from the last date of service

· Minor Records: Minimum of 7 years after the minor reaches the age of majority (typically age 18), or 7 years from last service, whichever is longer

· DOT SAP Records: 5 years as required by DOT regulations (49 CFR Part 40)

· Court-Ordered Evaluation Records: As required by court order or applicable law

· Billing and Financial Records: 7 years from date of service

Records may be retained longer based on:

· Ongoing treatment relationships

· Legal requirements or pending litigation

· Regulatory requirements

· Clinical necessity

Disposal of Records:

When records are destroyed, they are disposed of in a manner that protects confidentiality (shredding, secure electronic deletion).

15. BUSINESS ASSOCIATES

We may disclose your PHI to our business associates who perform services on our behalf. These may include:

· Electronic health record vendors

· Billing and claims processing companies

· Legal and accounting services

· Information technology support

· Transcription services

· Secure cloud storage providers

· Telehealth platform providers

All business associates are required to:

· Sign a Business Associate Agreement

· Implement appropriate safeguards

· Report any breaches or security incidents

· Use or disclose information only as permitted by contract

· Comply with all applicable HIPAA requirements

16. BREACH NOTIFICATION

In the unlikely event of a breach of your unsecured Protected Health Information, we will:

· Investigate the breach

· Notify you without unreasonable delay and no later than 60 days after discovery

· Provide information about what happened, what information was involved, and steps you can take to protect yourself

· Notify the U.S. Department of Health and Human Services if required

· Notify media outlets if the breach affects more than 500 individuals

17. CHANGES TO THIS NOTICE

We reserve the right to change this Notice of Privacy Practices. Any changes will apply to all Protected Health Information we maintain, including information created or received before the change.

When We Make Changes:

· The revised Notice will be effective for all PHI we maintain

· We will post the new Notice in our office

· We will make copies available at our office

· We will post the Notice on our website (when available)

· You may request a copy of the current Notice at any time

Effective Date:

The effective date of this Notice is printed at the top of the first page. We will not make material changes to our privacy practices without updating this Notice.

18. COMPLAINTS

If you believe your privacy rights have been violated, you have the right to file a complaint.

18.1 How to File a Complaint with REVIVE WELLNESS LLC

Contact our Privacy Officer:

Camille Lewis, LCPC-S

Clinical Director & Privacy Officer

REVIVE WELLNESS LLC

2255 Crain Highway Suite 105

Waldorf, MD 20601

Phone: 301.609.2675

Email: info@revivewellnesscenter.org

Your Complaint Should Include:

· Your name and contact information

· Description of the privacy concern

· When the incident occurred

· Any other relevant details

We Will:

· Investigate all complaints promptly and thoroughly

· Respond to you within 30 days

· Take corrective action if necessary

· Maintain confidentiality of your complaint

18.2 How to File a Complaint with the Federal Government

You may also file a complaint with the U.S. Department of Health and Human Services:

Office for Civil Rights

U.S. Department of Health and Human Services

200 Independence Avenue, S.W.

Room 509F, HHH Building

Washington, D.C. 20201

Phone: 1-877-696-6775

Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

Online Complaint Portal: https://ocrportal.hhs.gov/ocr/portal/lobby.jsf

18.3 No Retaliation

You will not be retaliated against, penalized, or in any way suffer negative consequences for filing a complaint. Your decision to file a complaint will not affect your treatment or services in any way.

19. QUESTIONS AND CONTACT INFORMATION

If you have questions about this Notice or our privacy practices, or if you need assistance exercising your privacy rights, please contact:

Privacy Officer:

Camille Lewis, LCPC-S, DOT SAP, CEAP, NCC

Clinical Director & Privacy Officer

REVIVE WELLNESS LLC

2255 Crain Highway Suite 105

Waldorf, MD 20601

Phone: 301.609.2675

Email: info@revivewellnesscenter.org

Website: www.revivewellnesscenter.org

Office Hours:

[Insert office hours]

20. MULTI-STATE PRACTICE NOTICE

REVIVE WELLNESS LLC provides services in multiple states, including the District of Columbia, Maryland, Virginia, and Florida. Each state has its own privacy laws that may provide additional protections beyond federal HIPAA requirements.

State-Specific Protections:

We comply with the privacy laws of each state in which we are licensed and provide services. If state law provides greater privacy protections than federal law, we will follow the more stringent state requirements.

Questions About State Laws:

If you have questions about privacy protections specific to your state, please ask our Privacy Officer.

21. ACKNOWLEDGMENT OF RECEIPT

I acknowledge that I have received a copy of REVIVE WELLNESS LLC's Notice of Privacy Practices.

I understand that:

· This Notice describes how my health information may be used and disclosed

· I have the right to review this Notice before signing this acknowledgment

· REVIVE WELLNESS LLC reserves the right to change the terms of this Notice

· I may request a revised copy of this Notice at any time

· I have the right to file a complaint if I believe my privacy rights have been violated

Client Name (Print): _______________________________________________

Client Signature: _____________________________________ Date: _____________

Parent/Legal Guardian Signature (if applicable): __________________________ Date: _____________

Relationship to Client: _______________________________________________

For Office Use Only:

Staff Member Name: _______________________________________________

Staff Signature: _____________________________________ Date: _____________

Notes: ________________________________________________________________

________________________________________________________________________

If client refuses or is unable to sign:

Reason for non-signature: _______________________________________________

________________________________________________________________________

Staff Signature: _____________________________________ Date: _____________

APPENDIX: DEFINITIONS

Business Associate: A person or organization that performs services on behalf of a covered entity that involve the use or disclosure of Protected Health Information.

Covered Entity: Health plans, healthcare clearinghouses, and healthcare providers who transmit health information electronically.

Designated Employer Representative (DER): The employer official authorized to receive drug and alcohol testing information under DOT regulations.

Disclosure: The release, transfer, or provision of access to Protected Health Information to persons or entities outside of our practice.

Health Information: Any information, whether oral or recorded, that relates to the past, present, or future physical or mental health or condition of an individual.

Medical Review Officer (MRO): A licensed physician responsible for receiving and reviewing laboratory results in DOT drug testing programs.

Protected Health Information (PHI): Individually identifiable health information that is transmitted or maintained in any form or medium.

Psychotherapy Notes: Notes recorded by a mental health professional documenting or analyzing the contents of conversation during a private counseling session, kept separate from the medical record.

Treatment: The provision, coordination, or management of healthcare and related services, including consultation between providers and referral of a patient.

Use: The sharing, employment, application, utilization, examination, or analysis of Protected Health Information within our practice.

END OF NOTICE OF PRIVACY PRACTICES

This Notice of Privacy Practices is effective as of 1/24/2026 and complies with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule (45 CFR Parts 160 and 164) and applicable state privacy laws.

REVIVE WELLNESS LLC

2255 Crain Highway Suite 105

Waldorf, MD 20601

Phone: 301.609.2675

Email: info@revivewellnesscenter.org