top of page

Privacy Policy

A legal disclaimer

Last Updated: December 2025
Uriel Behavioral Wellness Inc. – Northridge, California

Uriel Behavioral Wellness Inc. (“we,” “our,” or “the practice”) is committed to protecting your privacy, confidentiality, and personal information. We understand that engaging in mental and behavioral health services requires trust, and we take that responsibility seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information and Protected Health Information (“PHI”) across all services, including in-person care, telehealth, digital communications, and our website.

1. Information We Collect

We collect information in several categories:

A. Personal Identifiable Information (PII)

  • Full name

  • Mailing and physical address

  • Email address

  • Date of birth

  • Phone number

  • Emergency contact information

  • Identification documents (if provided)

B. Protected Health Information (PHI)

(Protected under HIPAA and California’s CMIA – Confidentiality of Medical Information Act)

  • Mental health history

  • Diagnosis and treatment plans

  • Provider notes

  • Medication information

  • Assessment results

  • Session history and attendance

  • Care coordination communications

C. Financial & Insurance Information

  • Insurance carrier details

  • Policy numbers

  • Claims data

  • Payment methods (credit card, check, etc.)

  • Billing address

D. Digital & Website Information

Collected automatically through our website:

  • IP address

  • Browser type

  • Device type

  • Cookie and tracking data

  • Usage analytics (non-identifiable)

We do not collect PHI through cookies or web analytics.

2. How We Collect Information

We may collect information through:

  • Intake forms and onboarding documents

  • Telehealth platforms

  • Phone calls, emails, text messages, and secure messaging platforms

  • In-person sessions

  • Insurance submissions

  • Appointment scheduling tools

  • Website forms or contact requests

We ensure that all PHI is collected through secure, HIPAA-compliant methods.

3. How We Use Your Information

We use your information to deliver safe, effective behavioral health services:

A. Treatment & Care

  • Diagnose and provide therapeutic services.

  • Create treatment plans

  • Coordinate care with other providers when authorized.

  • Provide telehealth services

  • Monitor progress and clinical outcomes.

B. Administrative & Operational Purposes

  • Scheduling and confirming appointments

  • Billing and insurance verification

  • Quality assurance and internal evaluation

  • Compliance with legal obligations

C. Communication

  • Appointment reminders

  • Follow-up messages

  • Administrative notices

  • Service-related updates

We never use your PHI for marketing without your written authorization.

4. HIPAA Compliance & Use of PHI

Uriel Behavioral Wellness Inc. complies fully with:

  • The Health Insurance Portability and Accountability Act (HIPAA)

  • The HITECH Act

  • California Confidentiality of Medical Information Act (CMIA)

  • All applicable federal and state privacy laws

Permitted Uses and Disclosures (HIPAA)

We may use or disclose PHI for:

  1. Treatment – coordination with other providers, pharmacies, hospitals

  2. Payment – insurance claims, billing, reimbursement

  3. Healthcare Operations – quality improvement, training, audits

Other Legally Permitted Disclosures

We may disclose PHI without authorization when required by law, including:

  • Court orders or subpoenas

  • Mandatory reporting (child abuse, elder abuse, dependent adult abuse)

  • Threats of harm to self or others

  • Public health activities

  • Law enforcement requests (when legally applicable)

Uses Requiring Written Authorization

We will only share PHI with your written consent when disclosure is for:

  • Release of records to another provider (unless for treatment)

  • Coordination with schools, employers, attorneys, or family members

  • Telehealth communication outside of our secure platform

  • Marketing or research purposes

5. California Consumer Privacy Rights (CCPA)

Although PHI is exempt from CCPA, California clients still have additional rights related to non-health personal data. You may request:

  • The categories of personal information collected

  • A copy of your personal information

  • Correction of inaccurate information

  • Deletion (when legally permissible)

  • Information about how your data is shared

Requests can be made in writing at any time.

6. Telehealth Privacy

Uriel Behavioral Wellness Inc. follows all state and federal guidelines related to telehealth:

  • Sessions are conducted through secure, encrypted platforms.

  • Sessions may not be recorded by either party unless mutually agreed in writing.

  • Clients are required to attend sessions in a private location

  • Providers will not conduct telehealth sessions in public or unsecured environments.

If technology fails, we may continue care via phone only with your permission.

7. Data Storage & Security Measures

We use multiple safeguards to protect your information:

Technical Safeguards

  • Encrypted electronic health record (EHR) systems

  • Password-protected devices

  • HIPAA-compliant servers

  • Firewall and network protection

Administrative Safeguards

  • Staff training on privacy and HIPAA

  • Restricted user access

  • Confidentiality agreements

  • Regular privacy audits

Physical Safeguards

  • Secure office environment

  • Locked file storage (if paper files exist)

  • Restricted access areas

8. Data Retention

We retain client records for the period required by California law:

  • California requirement: Minimum 7 years from the last date of service

  • Minor clients: Records kept 7 years after the client turns 18

Records may not be deleted during the legal retention period.

9. Data Breach Procedures

If a data breach occurs:

  • You will be notified promptly, in compliance with HIPAA and California laws.

  • We will investigate the breach and identify affected information.

  • Corrective action and mitigation steps will be implemented.

  • You will receive guidance to protect your information.

10. Your Rights Regarding Your Information

You have the right to:

  • Access and obtain copies of your records

  • Request corrections

  • Request restrictions on the use of PHI

  • Request confidential or alternative communications.

  • Receive a list of disclosures.

  • Withdraw consent for optional communications.

All requests must be submitted in writing.

11. Third-Party Service Providers

We may use third-party vendors to support necessary business functions, including:

  • Secure messaging platforms

  • EHR systems

  • Billing and insurance processors

  • Telehealth services

  • IT and website maintenance

Each vendor is required to sign a Business Associate Agreement (BAA) guaranteeing HIPAA compliance.

12. Cookies & Website Tracking

Our website may use cookies to:

  • Improve user experience

  • Track site traffic

  • Analyze performance

We do not use cookies to collect PHI or sensitive personal information.

Visitors can disable cookies at any time through browser settings.

 

13. Links to External Websites

Our website may include links to third-party sites.
We are not responsible for:

  • The content

  • Privacy practices

  • Security protections

of external websites.

14. Updates to This Policy

This Privacy Policy may be updated periodically.
Revisions will be posted on our website with the updated “Last Updated” date.

15. Contact Information

If you have questions or wish to make a privacy request, contact us at:

Uriel Behavioral Wellness Inc.
19350 Business Center Drive, Unit 103

Northridge, California 91324
Phone: 866-625-8115
Website: www.urielbehavioral.org

bottom of page