Privacy Policy

Part A: HIPAA & Texas Notice of Privacy Practices (NPP)

This notice covers the requirements of the federal Health Insurance Portability and Accountability Act (HIPAA) and the Texas Medical Records Privacy Act (TMRPA).

1. Our Commitment and Responsibilities

Verity ABA is a Covered Health Care Provider and is required to maintain the privacy and security of your Protected Health Information (PHI). We must adhere to both HIPAA and stricter Texas state laws.

  • Texas Law Requirement: We must maintain your medical records for a minimum of seven years from the date of your last treatment.
  • We must notify you promptly if a breach occurs and your unsecured PHI may have been compromised.

2. How We May Use and Disclose Your PHI Without Written Authorization

We may use and share your PHI for the following purposes:

  • Treatment, Payment, and Health Care Operations: This includes providing, coordinating, and managing your ABA therapy; billing your insurance; and running our office operations and quality improvement activities.
  • To Persons Involved in Your Care: We may share PHI with family members or friends involved in your care or payment for care, unless you object.
  • Minors/Consent for Mental Health: Texas Family Code permits a licensed psychologist to advise parents or guardians of treatment given to or needed by a child, with or without the child’s consent.
    • For minors (under 18) receiving counseling/mental health services, a parent or guardian generally provides consent, and may still have access to the records, with certain exceptions under Texas Family Code (e.g., a minor is 16+ and resides apart from the parent/guardian and manages their own financial affairs, or consents to treatment for addiction or abuse).

3. Uses and Disclosures Requiring Your Written Authorization

We must obtain your written authorization (permission) for the following:

  • Marketing: Using or sharing your PHI for marketing purposes.
  • Sale of PHI: Any disclosure that constitutes a sale of your PHI. Texas Law imposes a total ban on the sale of PHI for any reason other than treatment, payment, healthcare operations, or maintenance operations permitted by the Insurance Code.
    • Note: We do not sell or rent your personal information to third parties.
  • Other Disclosures: We will require your authorization for uses or disclosures not described in this Notice.

4. Your Rights Regarding Your Health Information (PHI)

You have the following rights. To exercise them, please contact our Privacy Officer (see Contact Us).

  • Right to Inspect and Copy: You have the right to inspect and obtain a copy of your medical and billing records.
    • Texas Law Requirement (Electronic Records): If we maintain your PHI electronically (in an EHR system), we must provide you with a copy or summary no later than the 15th business day after your written request is submitted (stricter than HIPAA’s 30 days).
    • We may charge a reasonable, cost-based fee for copying records but may not charge a retrieval fee.
  • Right to Request an Amendment (Correction): You can ask us to amend (correct) health information you believe is wrong or incomplete.
  • Right to an Accounting of Disclosures: You can request a list (accounting) of certain times we have shared your health information.
  • Right to Request Restrictions: You can ask us to limit how we use or disclose your PHI.
    • Mandatory Restriction: We must agree to your request not to share information with your health plan if you pay for a service or health care item out-of-pocket in full.
  • Right to Request Confidential Communications: You can ask us to contact you about medical matters in a specific way or at a specific location.
  • Right to File a Complaint: You may file a complaint with us, the Secretary of the U.S. Department of Health and Human Services (HHS), or the Texas Attorney General’s Consumer Protection Division.

Part B: Digital Privacy and Security Policy (with Social Media)

5. Cookies and Tracking Technologies

Our website uses cookies, pixels, and similar technologies to improve your experience and analyze usage.

  • Tracking Tools: We use analytics (like Google Analytics) and third-party advertising services, including Facebook Pixel and other social media tracking pixels.
  • Targeted Advertising: These pixels and tags track activity to optimize ad campaigns and deliver targeted advertisements to you on social media platforms. We may share non-PHI identifiers (such as cookie IDs or IP addresses) with these partners.
  • Your Choices: You can manage cookie preferences through your browser settings or use the opt-out mechanisms provided by the respective social media platforms.

6. Data Security, Business Associates, and Data Location

  • Security Safeguards: We maintain industry-standard administrative, physical, and technical safeguards to protect your data.
  • Business Associates (BA): We require third-party service providers (EHRs, analytics) to enter into Business Associate Agreements (BAAs), legally obligating them to protect your PHI.
  • Texas Law Requirement (EHR Storage): Starting January 1, 2026, all electronic health records must be stored within the United States. We require all vendors and cloud storage providers to comply with this requirement.

Part C: Notice of Rights Under Texas Law (Do Not Sell/Share)

7. Your Right to Opt-Out

While Texas law prohibits the sale of PHI (health data), it may permit the “sharing” of non-PHI personal information (like website usage data) for targeted advertising, unless you opt out.

Do Not Sell or Share My Personal Information

We do not sell your PHI. However, you may exercise your right to opt out of the sharing of your non-PHI personal information for targeted advertising purposes by emailing or calling us at: 

8.  SMS Policy

At Verity Behavioral Solutions, LLC, we are committed to protecting your privacy. This SMS privacy policy explains how we collect, use, and protect your information when you interact with us via text messaging (SMS/MMS). 

  1. Information we collect When you opt in to receive SMS messages from Verity Behavioral Solutions, LLC, we may collect the following personal information: a. Your mobile phone number b. Your name (if provided) c. Any information you provide in your message responses d. Message delivery and interaction data (e.g., timestamps, status) 
  2. How we collect your information
    We collect information directly from you when: a. You enter your phone number into a web form b. You interact with our customer support via SMS c. You opt in through a purchase or registration form
  1. How we use SMS information
    We use your SMS data to:
  1. Send transactional or account-related messages (e.g., order updates, appointment reminders) 
  2. Send promotional or marketing messages (only with prior consent) 
  3. Respond to your inquiries or support requests
  4. Sharing your information
    Verity Behavioral Solutions, LLC does not sell or share your SMS opt-in data with third parties for their marketing purposes. We may share your information with trusted service providers who help us deliver our SMS messaging services, such as: 
  • SMS gateway providers 
  • Phone carriers 
  • Customer support platforms 

These vendors are contractually obligated to keep your information secure and only use it to provide services to Verity Behavioral Solutions, LLC. 

9.  Your choices & rights

You can opt out of SMS messages at any time by replying “STOP” to any message. After you opt out, you will no longer receive text messages from us unless you opt in again. To request access to or deletion of your SMS-related data, please contact us at info@verityaba.com.

10.  Data security and retention 

We implement reasonable technical and organizational measures to protect your personal data. SMS data is retained only as long as necessary to fulfill the purposes outlined above or to comply with legal obligations. 

11. Changes to this policy

 We may update this SMS privacy policy periodically. If we make material changes, we’ll notify you via SMS. Continued use of our SMS service indicates your acceptance of the revised policy. 

SMS Terms of Service

By opting into SMS from a web form or other medium, you are agreeing to receive SMS messages from Verity Behavioral Solutions, LLC. This includes SMS messages for customer care, marketing. Message frequency varies. Message and data rates may apply. See privacy policy at https://verityaba.com/privacy-policy/  Message HELP for help. Reply STOP to any message to opt out.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, your rights, or our privacy practices, please contact our designated Privacy Officer:

  • Verity ABA – D’Avia Contreras
  • Address: 3551 Eldorado Parkway, Suite 100, McKinney, TX 75070
  • Email: info@verityaba.com
  • Phone: 469-854-3492
  • Fax: 469-608-8768