PAY MY BILL
DONATE
Call us: (509) 559-3100
Notice of Privacy Practices

Notice of Privacy Practices

Excelsior Wellness cares about your privacy and wants you to know how your health information may be used and disclosed. This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

Your Rights

You have the right to:

  • Get a copy of your paper or electronic medical record
  • Correct your paper or electronic medical record
  • Request confidential communication
  • Ask us to limit the information we share
  • Get a list of those with whom we’ve shared your information
  • Get a copy of this privacy notice
  • Choose someone to act for you
  • File a complaint if you believe your privacy rights have been violated

Your Choices

You have some choices in the way that we use and share information as we:

  • Tell family and friends about your condition
  • Provide disaster relief
  • Provide mental health care
  • Market our services and sell your information
  • Raise funds

Our Uses and Disclosures

We may use and share your information as we:

  • Treat you
  • Run our organization
  • Bill for your services
  • Fulfill your requests to share information with your consent
  • Prevent multiple program enrollments
  • Report about court-referred treatment
  • Report to prescription drug monitoring programs
  • Help with public health and safety issues
  • Do research
  • Comply with the law
  • Respond to organ and tissue donation requests
  • Work with a medical examiner or funeral director
  • Address workers’ compensation, law enforcement, and other government requests
  • Respond to lawsuits and legal actions

To the extent that we have your substance use disorder patient records, subject to 42 CFR part 2, we will not share that information for investigations or legal proceedings against you without (1) your written consent or (2) a court order and a subpoena.

Your Rights

When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.

Provide consent when we use or share your information for most purposes

  • You may provide a single consent for all future uses or disclosures for treatment, payment, and health care operations purposes.
  • You may provide consent for more limited purposes (for example, to only disclose information to another health care provider for your treatment); however, doing so may affect the services we can provide you or how you pay for services.

Get an electronic or paper copy of your medical record 

  • You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you (excluding psychotherapy notes). Ask us how to do this.
  • We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.

Ask us to correct your medical record

  • You can ask us to correct health information about you that you think is incorrect or incomplete.
  • We may say “no” to your request, but we’ll tell you why in writing within 60 days.

    Request confidential communications

    • You can ask us to contact you in a specific way (for example, home, office, or cell phone) or to send mail to a different address.
    • We will say “yes” to all reasonable requests.

    Ask us to limit what we use or share

    • You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no,” for example, if it could affect your care. If we agree to your request, we may still share this information in the event that you need emergency treatment.
    • If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.

    Get a list of those with whom we’ve shared information

    • You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
    • We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.

    Get a copy of this privacy notice

    You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will promptly provide you with a paper copy.

    Choose someone to act for you

    • If someone has authority to act as your personal representative, such as if someone has your medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
    • We will make sure the person has this authority and can act for you before we take any action.

    Discuss this notice with someone in our organization

    You can ask questions or obtain more information about this notice and our privacy practices by contacting our HIPAA Privacy Officer listed under “Other Information” at the end of this notice.

    File a complaint if you believe your rights are violated

    • You may file a complaint if you believe your rights have been violated by contacting our HIPAA Privacy Officer, listed under “Other Information” at the end  of this notice.
    • You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting https://www.hhs.gov/hipaa/filing-a-complaint/index.html.
    • We will not retaliate against you for filing a complaint.

    Your Choices

    For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

    In these cases, you have both the right and choice to tell us to:

    • Share information with your family, close friends, or others involved in your care or payment for your care
    • Share information in a disaster relief situation

    If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.

    In these cases, we never share your information unless you give us written permission:

    • Marketing purposes
    • Fundraising purposes
    • Sale of your information
    • Most sharing of psychotherapy notes

    Our Uses and Disclosures

    How do we typically use or share your health information?

    We typically use or share your health information in the following ways.

    Treat you

    We can use your health information and share it with members of your care team and other professionals involved in your care.

    Example:  A behavioral health provider working with you may coordinate with a medical provider or case manager to better understand your overall health needs and support your care. While your medical provider may consult with your behavioral health provider to better understand how stress, mental health symptoms or substance use may be affecting your overall health and treatment plan.

    Run our organization

    We can use and share your health information to operate our organization, improve the quality of your care, and contact you when needed.

    Example: We use health information about you to manage your treatment and services. 

    Bill for your services

    We can use and share your health information to bill and get payment from health plans or other entities. 

    Example: We give information about you to your health insurance plan so it will pay for your services. 

    With your consent, we may also use and share your information in the following ways:

    • To whomever you name in a consent to share your information
    • To prevent multiple enrollments in withdrawal management or maintenance treatment programs
    • To report participation in treatment required by the criminal justice system
    • To report prescribed substance use disorder treatment medications to a state prescription drug monitoring program when required by law

    How else can we use or share your health information?

    We are allowed or required to share your information in other ways, usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes.  

    In all cases, including those listed below, if we have substance use disorder patient records about you, subject to 42 CFR part 2, we cannot use or share information in those records in civil, criminal, administrative, or legislative investigations or proceedings against you without (1) your consent or (2) a court order and a subpoena.

    To communicate within our program and with contractors

    We can share your information within our organization and with contractors who support our operations and services.

    For medical emergencies

    We can share your information during a bona fide medical emergency with the personnel and health care providers responding to your emergency, even when you are unable to consent because of the emergency. 

    We can also share your identifying information to assist the federal Food and Drug Administration in notifying you or your doctor about unsafe products you may be using.

    Help with public health and safety issues

    We can share health information about you for certain situations such as:

    • Preventing or controlling disease, injury, or disability
    • Helping with product recalls
    • Reporting adverse reactions to medications
    • Reporting suspected abuse, neglect, exploitation, or domestic violence
    • Preventing or reducing a serious threat to your health or safety or the health or safety of others

    Do health research

    In certain circumstances, we can use or share your information for health research with approval from an institutional review board.

    Comply with the law

    We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.

    Respond to audits, evaluations, and oversight activities

    We may use or share your information to respond to audits, financial reviews, program evaluations, licensing, and other oversight activities authorized by law, as long as those who view or receive the information agree to destroy or return the information when they are finished and agree not to use it against you. These activities are conducted to ensure compliance, improve the quality of services, and meet credentialing or regulatory requirements.

    Respond to organ and tissue donation requests

    We can share health information about you with organ procurement organizations.

    Work with a medical examiner or funeral director

    We can share health information with a coroner, medical examiner, or funeral director when an individual dies.

    Address workers’ compensation, law enforcement, and other government requests

    We can use or share health information about you:

    • For workers’ compensation claims
    • For law enforcement purposes or with a law enforcement official
    • With health oversight agencies for activities authorized by law
    • For special government functions such as military, national security, and presidential protective services

    Respond to lawsuits and legal actions

    • We can share health information about you in response to a court or administrative order, or in response to a subpoena.

    Redisclosure under HIPAA

    When you agree to allow us to use your information for treatment, payment, and running our organization:

    • We may share it with other health care providers such as doctors, substance use treatment programs, and health care organizations so they can help with your care or related services.
    • If the person or organization we share your information with is also covered by HIPAA, they may use or share your information again as allowed by law without needing your permission.
    • If your records include substance use disorder treatment information protected by 42 CFR Part 2, that information cannot be used in legal proceedings against you unless you give written permission or it is mandated by a Part 2 court order, subpoena, or other legal requirement.

    Our Responsibilities

    • We are required by law to maintain the privacy and security of your protected health information.
    • We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
    • We must follow the duties and privacy practices described in this notice and give you a copy of it.
    • We will not use or share your information other than as described in this notice unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

    For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.

    Changes to the Terms of this Notice

    We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our web site.

    Other Information

    • This notice is effective as of April 17, 2026.
    • Contact our HIPAA Privacy Officer at (509) 559-3100 or hipaa.compliance@excelsiorwellness.org.
    • Organized Healthcare Arrangement: Excelsior is part of the MultiCare Connected Care Network, which is an organized healthcare arrangement (OHCA). An OHCA is (i) a clinically integrated setting in which individuals typically receive healthcare from more than one healthcare provider or (ii) an organized system of healthcare in which more than one health care provider participates. The healthcare providers who participate in the OHCA will share medical and billing information about you with one another as may be necessary to carry out treatment, payment, and healthcare operations activities.
    • Text Messaging (SMS) Consent and Privacy: We are committed to protecting your privacy. Any text messaging originator opt-in data and consent provided to Excelsior Wellness will be used solely for the purpose of communicating with you about our services and activities. This information will not be shared with any third parties.