HIPAA Acknowledgment of Digital Information Transfer & Electronic Release of This Secure but Potentially Unencrypted Information.
Please Read and review this information thoroughly.
Depending on the circumstances, Summit Behavioral Health of Az DBA Granite Mountain Behavioral Healthcare may not be able to send electronic communications using a secure (encrypted) method of transmission. There are risks associated with unencrypted communications that you should consider, such as the communication being intercepted or sent to the wrong person, or errors in server storage by JotForn and its affiliates. By signing this document, you agree that you understand these risks and consent to Summit Behavioral Health of Az DBA Granite Mountain Behavioral Healthcare sending the member's health information/member request data using an unsecure (unencrypted) method of communication.'
- I understand that the information submitted will contain information about the members substance use disorder and may contain other sensitive information about the members , such as information regarding communicable diseases (including sexually transmitted diseases and HIV/AIDS), genetic testing/genetic history, mental/behavioral health, and intellectual and developmental disabilities.
- I consent to the disclosure of this sensitive health information in connection with the release of the members substance use disorder records.
- I understand that the provider will not condition treatment, payment for treatment, enrollment or eligibility for benefits on my signing this authorization form. I understand that I may refuse to sign this authorization form. (in the event of refusal, you will not be allowed to completed this request form as is but rather please call the admissions office at 928-504-4511 to discuss next steps and to manually complete this form with Ben Isenberg.
- I understand that I may revoke (take back) this authorization at any time, except to the extent that someone has already acted in reliance on it. To revoke my authorization, I will submit a written request to the email or fax number listed at the bottom of this of this text field indicated by ***. Unless I revoke this authorization earlier, it will expire on the following date, event, or condition: 1 year from the form submission date and when this acknowledgment was signed. *Criminal Justice System Disclosures: If the disclosure is to individuals within the criminal justice system (such as probation/parole or a drug/criminal court), those individuals may require that this consent remain in effect until the final disposition of the Client’s conditional release or case.
- I understand that, if this information is disclosed to a third party, the information may no longer be protected by the Health Information Portability and Accountability Act and its implementing regulations (collectively, "HIPAA"). However, my substance use disorder records will continue to be protected by 42 U.S.C. § 290dd-2 and its implementing regulations at 42 C.F.R. Part 2 (collectively, "Part 2").
***To revoke consent, or for any questions please email: info@granitemountainbhc.com or Fax: 928-597-5196
Please note that this form system uses he following security measures and protocals:
- That this form system By default, utilizes the TLSv1.2 connection standard on top of SHA256/RSA encryption for HTTPS. For encryption of form submissions, this form uses 2048 Bit RSA Keys.
- Forms are served across a protected, 256-bit Secure Sockets Layer (SSL) connection.
- Files uploaded to your forms are assigned a very complex URL. Only people having this URL can download these files.
- We apply best practices to prevent such vulnerabilities, and we actively review our code for potential security concerns.
- We use CloudFlare for spam, phishing, and DDOS attack protection and OSSEC for intrusion detection and monitoring our servers.
- This Form has HIDS (Host Intrusion Detection System) instances on the application servers and NIDS (Network Intrusion Detection System) instances on the development offices. Additionally, PCI intrusion detection policies are being applied, as defined by PCI requirements.
- All data centers where we host our servers have highest level compliance with security standards. Our primary platform is Google Cloud - it complies with SSAE16 / ISAE 3402 Type II, SOC1, SOC2, SOC3, ISO 27001, ISO 27017 (Cloud Security), ISO 27018 (Cloud Privacy), PCI DSS v3.2, and HIPAA. You can find more information about Google Cloud compliance from https://cloud.google.com/security/compliance.
Thank You!