Recovery Fanz Privacy and HIPAA Policy
1. Introduction and Purpose
Recovery Fanz is committed to protecting the privacy and security of our users, particularly concerning sensitive information related to addiction recovery and mental health. This policy outlines how we collect, use, and protect user data and ensures compliance with HIPAA (Health Insurance Portability and Accountability Act), applicable privacy laws, and information-sharing regulations.
2. HIPAA Compliance
Recovery Fanz complies with HIPAA standards to protect sensitive health information shared by users, which includes but is not limited to mental health and addiction recovery information. Users’ personally identifiable information (PII) and protected health information (PHI) will be handled according to HIPAA privacy and security standards.
3. Data Collection and Use
• Personal Information: When users create an account, we collect limited personal data necessary to maintain user accounts and ensure the integrity of the platform.
• Sensitive Health Information: We recognize that Recovery Fanz may serve individuals in mental health and recovery journeys. Users are encouraged to share information responsibly and anonymously as the platform does not provide medical or clinical advice.
• Anonymity and Data Minimization: Users are encouraged to use anonymous usernames or avatars. Any optional information shared is solely for peer support and community-building purposes.
4. No Disclosure Without Consent
All user data, including health-related data shared on Recovery Fanz, is considered confidential and will not be disclosed to any third party without the user’s explicit consent, except as required by law or to prevent harm (e.g., in cases of self-harm risk or harm to others). We only share necessary data when legally compelled or authorized by the user.
5. Information Sharing and Third Parties
Recovery Fanz does not share user information with third-party organizations or advertisers. Any third-party services we employ (e.g., data storage providers) are HIPAA-compliant and bound by stringent confidentiality agreements, ensuring that user data is protected and not shared without explicit consent.
6. User Control Over Data
Users have full control over the information they choose to share within Recovery Fanz. They may delete posts, comments, and other data at any time. Users may also request account deletion, after which all associated data will be permanently removed from our servers within a designated period.
7. Security Measures
Recovery Fanz employs strict security measures, including encryption, secure access controls, and regular audits to ensure that all user data is protected against unauthorized access, loss, or misuse. In compliance with HIPAA, we conduct risk assessments and implement necessary safeguards.
8. Rights of Users
• Right to Access: Users have the right to access any personal information they have provided to Recovery Fanz.
• Right to Correction: Users may request the correction of any inaccurate information associated with their account.
• Right to Restrict Processing: Users may limit how their data is used and shared, particularly regarding sensitive health data.
• Right to Deletion: Users can request that their data be deleted, subject to legal or regulatory requirements.
9. Data Retention Policy
Recovery Fanz retains user information only as long as necessary to fulfill the purposes for which it was collected or as required by law. Upon user request for deletion, all data will be erased from our systems within 30 days, with an exception only for data required by law to be retained.
10. Compliance with State and Federal Regulations
• Mental Health Privacy Laws: Recovery Fanz adheres to state and federal regulations that govern the confidentiality of mental health records, ensuring that sensitive health information shared on the platform is handled responsibly and in compliance with the law.
• Substance Abuse Confidentiality Regulations (42 CFR Part 2): For users seeking support in addiction recovery, Recovery Fanz follows the confidentiality guidelines under 42 CFR Part 2, which restricts disclosure of substance abuse-related records without user consent, except under specific conditions required by law.
11. Changes to This Privacy and HIPAA Policy
Recovery Fanz reserves the right to update this Privacy and HIPAA Policy to reflect any changes in legal requirements or platform practices. Users will be notified of any significant changes, and continued use of the platform implies acceptance of the updated terms.
12. Contact Information
Users with questions or concerns regarding this policy or their data rights may contact our Data Protection Officer at support@recoveryfanz.com.