Privacy Policy
Effective Date: June 4, 2025
Summit Together Mental Health (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal and health information. This policy explains how we collect, use, and protect your information both through our website (www.summitmhealth.com) and during the course of providing psychiatric care. It includes our Notice of Privacy Practices as required by the Health Insurance Portability and Accountability Act (HIPAA).
What Information We Collect
We may collect the following types of information through our website:
Your name, email, phone number, or other contact details (via contact forms or appointment requests)
Browsing behavior or IP address (via analytics tools or cookies)
When you become a patient, we may also collect:
Health history, diagnosis, treatment plans, and medication details
Insurance and billing information
Any other information you share with us during care
How We Use Your Information
We use your information to:
Communicate with you about appointments or inquiries
Coordinate psychiatric care and follow-up services
Improve our website experience
Comply with legal, billing, and administrative obligations
We will never sell your personal or health information.
How We Protect Your Data
All Protected Health Information (PHI) is stored in IntakeQ, our encrypted, HIPAA-compliant electronic health record system.
We limit internal access to only authorized staff members.
We use secure email and encryption when possible to reduce risk.
Any third-party vendor who handles PHI on our behalf must sign a Business Associate Agreement (BAA)ensuring HIPAA compliance.
Email and Digital Communications
While we do our best to keep communications secure, please note:
Standard email may not be encrypted
You should avoid sending sensitive information via unsecured email
You may request secure communication alternatives at any time
—
HIPAA Notice of Privacy Practices
Our Legal Responsibilities
We are required by law to give you this notice. It provides you on how we may use and disclose protected health information about you and describes your rights and our obligations regarding the use and disclosure of that information. We shall maintain the privacy of protected health information and provide you with notice of our legal duties and privacy practices with respect to your protected health information.
You may request a copy of our notice any time. You may contact our Privacy Officer at any time to request a copy of this privacy policy. Our Privacy Offer’s contact information is listed below.
What Is PHI?
Protected Health Information (PHI) includes information such as your name, diagnosis, medications, treatment plans, or any other details that relate to your mental health care and could identify you.
How We May Use and Disclose PHI
The following examples describe ways that we may use your PHI for your treatment, payments, healthcare operations etc. but please be advised that not every use or disclosure in a particular category will be listed.
Treatment: We may use and disclose your protected health information to provide you treatment. This includes disclosing your protected health information to other medical providers, trainees, therapists, medical staff, and office staff that are involved in your health care. For example, your medical provider might need to consult with another provider to coordinate your care. Also, the office staff may need to use and disclose your protected health information to other individuals outside of our office such as the pharmacy when a prescription is called in.
Payment: Your protected health information may also be used to obtain payment from an insurance company or another third part. This may include providing an insurance company your protected health information for a pre-authorization for a medication we prescribed.
Health Care Operations: We may use or disclose your protected health information in order to operate this medical practice. These activities include training students, reviewing cases with employees, utilizing your information to improve the quality of care, and contacting you be telephone, email, or text to remind you of your appointments.
If we have to share your protected health information to third party “business associates” such as a billing service, we will have a written contract that contains terms that will protect the privacy of your protected health information.
We may also use and disclose your protected health information for marketing activities. For example, we might send you a thank you card in the mail with a coupon for specialized services or products. We may also send you information about products or services that might be of interest to you. You can contact us at any point to stop receiving this information.
We will not use or disclose your protected health information for any purpose other than those identified in this policy without your specific, written authorization. You may give us written authorization to use your protected health information or to disclose it to anyone for any purpose. You can revoke this authorization at any time but will not affect the protected health information that was shared while the authorization was in effect.
Appointment reminders: We may contact you as a reminder that you have an appointment for your initial visit, follow up visit, or lab work via text, phone or email.
Others Involved in Your Health Care: We may disclose protected health information about you to your family members or friends if we obtain your verbal agreement to do so, or if we give you an opportunity to object to such a disclosure and you do not raise an objection. For example, we may assume that if your spouse or friend is present during your evaluation, that we can disclose protected professional information to this person. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment if there is an urgent or emergent need.
Research; We will not use or disclose your health information for research purposes unless you give us authorization to do so.
Organ Donation: If you are an organ donor, we may release protected health information to organizations that handle organ procurement or organ, eye or tissue transplantation if it is necessary to facilitate this process.
Public Health Risks: We may disclose your protected health information, if necessary, in order to prevent or control disease, report adverse events from medications or products, prevent injury, disability or death. This information may be disclosed to healthcare systems, government agencies, or public health authorities. We may have to disclose your protected health information to the Food and Drug Administration to report adverse events, defects, problems, enable recalls etc. if required by FDA regulation.
Health Oversight Activities: We may disclose protected health information to health oversight agencies for audits, investigations, inspections or licensing purposes. These disclosures might be necessary for state and federal agencies to monitor healthcare systems and compliance with civil law.
Required by Law: We will disclose protected health information about you when required to do so by federal, state and/or local law.
Workman’s Compensation: We may disclose your protected health information to workman’s comp or similar programs.
Lawsuits: We may disclose your protected health information in response to a court action, administrative action or a subpoena.
Law Enforcement: We may release protected health information to a law enforcement official in response to a court order, subpoena, warrant, subject to all applicable legal requirements.
Inmates: To a correctional institution (if you are an inmate) or a law enforcement official (if you are in the official’s custody) as necessary (i) for the institution to provide you with health care; (ii) to protect you or others’ health and safety; or (iii) or the safety an security of the correctional institution.
We will never sell your personal or health information.
Your HIPAA Rights
Access to Medical Records: You have the right to access and receive copies of your protected health information that we use to make decisions about your care. You must submit a written request to obtain your protected health information to the individual listed at the end of this privacy policy. We reserve the right to charge you a fee for the time it takes to obtain and copy the protected health information and provide it to you.
Under federal law, however, you may not inspect or copy certain records, including: information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and protecting health information that is subject to law that prohibits access to protected health information. Depending on your circumstances, a decision to deny access may be reviewable. In some circumstances, you may have a right to have this decision reviewed. Please contact our Privacy Offer if you have questions about access to your medical records.
Amendment: If you believe the protected health information we have about you is incorrect or incomplete, you may ask us to amend the information. You will need to submit a written request on why you feel the health information should be amended. We may deny your request to amend if you did not send a written request or give a reason on why it should be amended. If we deny your request, we will provide you a written explanation. We may deny your request if we believe the protected health information is accurate and complete.
Accounting of Disclosures: You have the right to receive a list of instances in which we disclosed your personal health information unless the disclosure was used for treatment, payment, healthcare operations, was pursuant to a valid authorization and as otherwise provided in applicable federal and state laws and regulations. You must submit a written request to obtain this “accounting of disclosures” to the individual listed at the bottom of this policy. After your request has been approved, we will provide you the dates of the disclosure, the name of the individual or entity we disclosed the information to, a description of the information that was disclosed, the reason why it was disclosed, and any additional pertinent information. This information may not be longer than 10 years ago, or the amount of time defined by Colorado laws on Statute of Limitations, prior to the date the accounting is requested. We reserve the right to charge a reasonable fee for this process.
Restriction Requests: You have the right to request a restriction or limitation on the protected health information we use or disclose about you for treatment, payment, or healthcare operations. We shall accommodate your request except where the disclosure is required by law. We require this be a written request submitted to the individual at the end of this policy.
Confidential Communication: You have the right to request that we communicate with you about healthcare matters in a certain way and at a certain location. We must accommodate your request if it is reasonable and allows us to continue to collect payments and bill you.
Paper Copy of this Notice: You may request a hard copy of this practice policy. To obtain this copy, contact the Privacy Offer.
Complaints: If you believe your privacy rights have been violated, you may file a complaint with our office. You may also file a complaint with the U.S. Department of Health and Human Services. We will provide you with the address to file your complaint with the U.S. Department of Health and Human Services upon request.
To exercise any of these rights, please contact our Privacy Officer:
Privacy Officer
Summit Together Mental Health
Janelle Adrienne Aguilon
Email: admin@summitmhealth.com
Phone: 720-994-4810
Breach Notification
In the unlikely event of a breach involving your PHI, we will notify you promptly, in accordance with HIPAA regulations.
We have the right to change these policies at any time. If we change our privacy policies, we will notify you of these changes immediately and update the effective date. This current policy is in effect unless stated otherwise. If the policy is changed, it will apply to all your current and past health information.