Your Protected Health Information (PHI)

PHI refers to any identifiable health information that relates to your physical or mental health condition, the provision of healthcare, or payment for healthcare services. This includes information such as your name, address, medical history, diagnosis, treatment information, and insurance details.

How We Collect Information

We may collect PHI through:
- Online intake forms or questionnaires
- Appointment scheduling platforms
- Email or direct communication
- Telehealth or virtual consultations

All information collected is stored in a secure, HIPAA-compliant system and accessed only by authorized personnel.

How Your Information Is Used

Dr. Krystal Kinnunen may use your PHI to:
- Provide and coordinate care, treatment, and services
- Communicate with you about appointments and treatment options
- Process payments or insurance claims (if applicable)
- Maintain health records and comply with legal and professional standards

Your Rights Under HIPAA

As a client, you have the right to:
- Request a copy of your health records
- Request corrections to your records if inaccurate
- Receive a list of disclosures of your PHI
- Request limits on the use and sharing of your PHI
- Request confidential communications (e.g., specific email or phone contact)
- File a complaint if you believe your rights have been violated

To exercise any of these rights, please contact Dr. Crystal Kinnunen directly in writing.

How We Protect Your Information

We take the security of your PHI seriously. Administrative, physical, and technical safeguards are in place to protect your data from unauthorized access, use, or disclosure. These include encryption, secure servers, password protection, and HIPAA-compliant platforms for communications and data storage.

When Your Information May Be Shared

Your PHI may be disclosed:
- As required by law (e.g., subpoenas, public health reporting)
- To prevent or reduce a serious threat to health or safety
- With your written authorization
- To third-party service providers who assist with treatment or operations (under signed confidentiality agreements)

PHI will never be sold or used for marketing without your explicit written consent.

Updates to This Policy

This policy may be updated periodically to reflect changes in practices, technologies, or regulations. The effective date at the top of the page will be updated accordingly.

Contact Information

If you have any questions or concerns about this HIPAA Privacy Policy, or if you wish to exercise your rights, please contact:

krystal@krystalkinnunen.com