Notice of Privacy Practices

    There are times when the laws require us to use or share your information. For example:

    1. When there is a serious threat to your/your child's or another’s health and safety or to the public. We will only share information with persons who are able to help prevent or reduce the threat.
    2. When we are mandated to report child abuse or neglect or elder abuse or neglect.
    3. When we are required to do so by lawsuits and other legal or court proceedings.
    4. If a law enforcement official requires us to do so.
    5. For workers’ compensation and similar benefit programs.
    6. When the use and disclosure without your consent or authorization is allowed under other sections of Section 164.512 of the HIPAA Privacy Rule and the Commonwealth of Massachusett’s confidentiality law. This includes certain narrowly-defined disclosures to law enforcement agencies, to a health oversight agency (such as HHS or a state department of health), to a coroner or medical examiner, for public health purposes relating to disease or FDA-regulated products, or for specialized government functions such as fitness for military duties, eligibility for VA benefits, and national security and intelligence.

    You have a right to be notified if there is a breach of your unsecured PHI. You have a right to be notified if: (a) there is a breach (a use or disclosure of your PHI in violation of the HIPAA Privacy Rule) involving your PHI; (b) that PHI has not been encrypted to government standards; and (c) my risk assessment fails to determine that there is a low probability that your PHI has been compromised.

    1. When the Practice becomes aware of or suspects a security breach the practice will conduct a Risk Assessment. The Practice will keep a written record of that Risk Assessment.
    2. Unless the Practice determines that there is a low probability that PHI has been compromised, the Practice will give notice of the breach within 60 days of discovery.
    3. The risk assessment can be done by a business associate if it was involved in the breach. While the business associate will conduct a risk assessment of a breach of PHI in its control, the Practice will provide any required notice to patients and HHS.
    4. After any breach, particularly one that requires notice, the Practice will re-assess its privacy and security practices to determine what changes should be made to prevent the re-occurrence of such breaches.

    If you are concerned about your PHI, you have the right to ask us not to use or share some of it for treatment, payment, or administrative purposes. You will have to tell us what you want in writing. Although we will try to respect your wishes, we are not required to accept these limitations. However, if we do agree, we promise to do as you asked. After you have signed this consent, you have the right to revoke it in writing.

    Please note: if you ask us to consult with other caregivers or with educators regarding your child, this request will release us to share information pertinent to the consultation.

    Electronic communication: at times, you may wish to communicate with this office via email. Please note that this is not necessarily a secure means of communication.

    We invite you to view our list of upcoming events and to listen to one of our past events. 

    Parent Guide to Assessment

    Your Child’s Assessment and Diagnosis
    A Guide for Parents

    New Patient
    Intake Packet

    Forms  to be filled out in advance
    of your upcoming appointment