Information We Collect

We collect different types of information depending on your relationship with us and how you interact with our services.

• Personal Information

• Names, addresses, phone numbers, and email addresses

• Date of birth and demographic information

• Insurance information, including policy and group numbers

• Billing and payment information

• Emergency contact information

• Health Information

• Diagnosis, treatment plans, and progress notes

• Medical history and records provided by healthcare professionals

• Therapy session data and behavioral assessments

• Information required under the Health Insurance Portability and Accountability Act (HIPAA)

• Technical Information

• IP addresses, browser type, and device information

• Website usage data, such as pages visited and time spent

• Cookies and other tracking technologies

• Other Information

• Feedback, survey responses, and communication records

• Employment applications and related documentation

How We Collect Information

• Directly from you or your authorized representative during registration, assessment, or consultation

• Via website forms, mobile applications, and email communications

• From insurance companies, healthcare providers, or other authorized parties

• Automatically through cookies and tracking technologies when you use our website

• During therapy sessions or in-person meetings

How We Use Your Information

We use your information to provide, manage, and improve our services, to communicate with you, and to fulfill our legal and regulatory obligations. Specifically, we may use your information for the following purposes:

• To schedule and provide Applied Behavior Analysis (ABA) therapy services

• To develop and implement individualized treatment plans

• To process payments and manage billing

• To communicate with you regarding appointments, updates, and service information

• To coordinate care with other healthcare providers or insurance companies

• To comply with applicable laws, regulations, and ethical guidelines

• To improve our website, services, and client experience

• To conduct internal audits, quality assurance, and staff training

• To respond to inquiries, feedback, or complaints

• For marketing and promotional purposes (only with your explicit consent)

Use of Information for Research

We are dedicated to advancing the field of Applied Behavior Analysis and may use de-identified or aggregated information for research and quality improvement purposes. Any research conducted using client information will adhere to all applicable laws, regulations, and ethical standards, including HIPAA and institutional review board (IRB) requirements when appropriate.

• We will never use personally identifiable information for research without your explicit written consent.

• Research activities may include data analysis, outcome measurement, and the development of best practices to enhance service quality.

• Findings from research may be published or shared, but no information will be included that could identify you or your family.

• You have the right to opt out of having your information used for research, subject to legal and ethical requirements. To exercise this right, please contact us using the information provided in the “Contact Us” section below.

How We Share and Disclose Information

We value your trust and only share your personal information as permitted or required by law. Disclosures may include:

• With your written consent or at your direction

• With healthcare professionals involved in your care

• With insurance companies for billing and claims processing

• With service providers who assist us with business operations (e.g., billing services, IT support)

• To comply with legal requirements, court orders, or government requests

• To protect the rights, safety, or property of NaathBehavior, our clients, or others

• In the event of a business transfer, merger, or acquisition, where permitted by law

We do not sell or lease your personal information to third parties for commercial purposes.

Your Rights and Choices

You have certain rights regarding your personal and health information, subject to applicable laws.

• Access: You may request access to your personal information in our records.

• Correction: You have the right to request corrections of inaccurate or incomplete information.

• Restriction: You may request restrictions on certain uses or disclosures of your information.

• Confidential Communications: You may request that we communicate with you in a specific way.

• Data Portability: Where applicable, you may request a copy of your information in a portable format.

• Withdraw Consent: You may withdraw your consent for certain uses, where consent is required.

• Deletion: Subject to legal requirements, you may request the deletion of your information.

To exercise these rights, please contact us using the information provided below.

Data Security and Protection

We take the security of your personal information seriously and implement reasonable administrative, technical, and physical safeguards to protect your data. Measures include:

• Encryption of sensitive information

• Access controls and user authentication

• Regular security audits and staff training

• Secure data storage and transmission protocols

• Policies to prevent unauthorized access, use, or disclosure

Although we strive to protect your information, no method of transmission or storage is completely secure. We encourage you to use strong passwords and notify us immediately if you suspect unauthorized access to your information.

Data Retention

We retain your personal and health information only as long as necessary to fulfill the purposes described herein, comply with legal requirements, resolve disputes, and enforce agreements. The specific retention period may vary based on the type of information and applicable laws.

Cookies and Tracking Technology

Our website may use cookies and similar technologies to enhance your browsing experience, analyze website traffic, and improve service delivery. You can manage your cookie preferences through your browser settings. Please note that disabling cookies may affect website functionality.

Children’s Privacy

Many of our services are designed for children and minors. We take special precautions to protect the privacy of children and collect information only from parents, guardians, or authorized representatives, in accordance with applicable laws such as the Children’s Online Privacy Protection Act (COPPA) and HIPAA. We do not knowingly collect personal information directly from children under 13 without verifiable parental consent.

Third-Party Links

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any linked sites you visit.

International Users

If you access our services from outside the United States, please be aware that your information may be stored and processed in the United States, where data protection laws may differ from those in your country. By using our services, you consent to such transfer and processing.

HIPAA Disclaimer

NaathBehavior ABA Services is committed to safeguarding your Protected Health Information (“PHI”) in compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). We only use and disclose PHI as permitted or required by law and in accordance with HIPAA regulations. While we maintain rigorous administrative, technical, and physical safeguards to ensure the confidentiality, integrity, and security of your PHI, it is important to note that no system can guarantee absolute protection. We encourage you to contact us if you have any concerns or questions regarding our HIPAA compliance or the handling of your health information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of material changes by posting the revised policy on our website and updating the effective date. Your continued use of our services constitutes consent to the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

NaathBehavior ABA Services

Privacy Officer

6701 CORPORATE DR #4123

JOHNSTON, IA 50131

Email: gatwech.miak@naathbehavioraba.org

Phone: (515) 220-7311

We are committed to resolving any issues regarding your privacy and protecting your personal information.

Effective Date

This Privacy Policy is effective as of July 19, 2025