Privacy Policy & Notice of Privacy Practices

Who We Are

Rivkin Addiction Medicine, PLLC ("we," "us," or "our") is a medical practice located at 19100 Goddard Rd, Allen Park, MI 48101, operated by Dr. Aaron Rivkin, MD. We provide outpatient addiction medicine services in person and via telemedicine to patients across Michigan.

This Privacy Policy describes how we collect, use, disclose, and protect information obtained through our website (rivkinaddictionmedicine.com), our contact and scheduling forms, and our clinical operations. It also serves as our Notice of Privacy Practices as required by the Health Insurance Portability and Accountability Act (HIPAA).

Questions about this policy may be directed to Dr. Aaron Rivkin, our Privacy Officer, at the contact information listed at the bottom of this page.

Information We Collect

Information You Provide Directly

When you use our website contact form, appointment request form, or communicate with us by phone or email, we may collect:

• Your name, phone number, and email address
• Your preferred appointment type (in-person or telemedicine)
• Insurance information you voluntarily provide
• Any messages or questions you submit through our forms

When you become a patient and use our patient portal or EHR system, we collect protected health information (PHI) as described under the HIPAA section below.

Information Collected Automatically

When you visit our website, we automatically collect certain technical information through Google Analytics and standard web server logs, including:

• Your IP address (anonymized where possible)
• Browser type and operating system
• Pages visited and time spent on the site
• Referring website or search terms
• Device type (desktop, tablet, mobile)

This information is used solely to understand how patients find and use our website so we can improve it. It is not used to identify individual visitors and is not combined with your health information.

How We Use Your Information

We use the information we collect for the following purposes:

• To respond to your inquiries — when you submit a contact or appointment request form, we use your contact information to follow up with you
• To schedule and provide care — once you become a patient, we use your information to schedule appointments, provide medical treatment, and coordinate your care
• To process billing and insurance claims — we use your health and insurance information to submit claims on your behalf and process payments
• To improve our website — we use anonymized analytics data to understand how visitors use our site and make improvements
• To send appointment reminders and health communications — with your consent, we may send appointment reminders, practice updates, or educational health information by email or text message. You may opt out at any time.
• To comply with legal obligations — we may use or disclose your information as required by law, including reporting requirements under Michigan state law

We do not sell your personal information. We do not share your information with advertisers or marketing companies.

HIPAA & 42 CFR Part 2 — Your Health Information

As a healthcare provider, we are required by HIPAA to maintain the privacy of your protected health information (PHI) and to provide you with notice of our legal duties and privacy practices.

42 CFR Part 2 — Substance Use Disorder Records

Because we provide substance use disorder treatment, your records are subject to additional federal protections under 42 CFR Part 2 — which provides stricter confidentiality protections than standard HIPAA. Under these protections:

• We cannot disclose that you are or have been a patient at our practice without your written consent
• We cannot share any of your records with employers, law enforcement, or other third parties without your explicit, written authorization — except in very limited circumstances defined by law (such as a medical emergency)
• Even other healthcare providers cannot receive your substance use disorder treatment records without your signed Release of Information form
• Your records cannot be used to initiate or support criminal charges against you

A Release of Information form will be provided to you at your first visit. You control who receives your information. Nothing is shared without your knowledge and written approval.

Permitted Uses and Disclosures of PHI

We may use or disclose your PHI without your written authorization only in the following limited circumstances:

• Treatment: To provide, coordinate, or manage your healthcare and related services
• Payment: To obtain payment for services rendered, including submitting claims to your insurance company
• Healthcare operations: For quality assessment, training, and practice administration
• Required by law: As required by applicable federal, state, or local law
• Public health activities: To report certain communicable diseases or adverse drug reactions as required by law
• Medical emergencies: To prevent serious harm to you or others in a genuine medical emergency

All other uses and disclosures require your written authorization, which you may revoke at any time.

Your HIPAA Rights

As a patient, you have the right to:

• Request access to and copies of your medical records
• Request corrections to your records if you believe they are inaccurate
• Request restrictions on how we use or disclose your PHI
• Request confidential communications (e.g., to be contacted only at a specific phone number)
• Receive an accounting of disclosures we have made of your PHI
• File a complaint if you believe your privacy rights have been violated

To exercise any of these rights, please contact us using the information at the bottom of this page. We will not retaliate against you for filing a complaint.

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr.

Website & Analytics Data

Our website uses Google Analytics to collect anonymized information about how visitors use the site. Google Analytics uses cookies — small text files stored on your device — to collect this data. The information collected does not identify you personally and is not linked to your health information in any way.

You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on or by adjusting your browser's cookie settings.

Our website does not use advertising cookies or tracking pixels for marketing purposes. We do not participate in remarketing or targeted advertising programs.

Email Communications

If you provide your email address through our contact or appointment request form, we will use it to respond to your inquiry. We will not add you to any marketing list without your explicit consent.

In the future, we may offer an opt-in email list for practice updates, appointment reminders, and patient education content. Participation will always be voluntary. Every email will include an unsubscribe option, and we will honor all opt-out requests promptly.

Important: Please do not send protected health information (PHI) — including symptoms, diagnoses, or medication details — via email or our website contact form. Standard email is not a HIPAA-secure communication channel. Use our patient portal for any health-related communications once you are an established patient.

Third-Party Services

We use a limited number of third-party services to operate our practice and website. Each is selected with privacy in mind:

• EHR / Patient Portal: Our electronic health records system is HIPAA-compliant and subject to a Business Associate Agreement (BAA). Patient health information stored in the EHR is governed by our full HIPAA Notice of Privacy Practices.
• Online Scheduling: Our scheduling platform is HIPAA-compliant and subject to a BAA. Information entered during scheduling is used only to book your appointment.
• Google Analytics: Used for anonymized website traffic analysis. No PHI is transmitted to Google Analytics. See the Website & Analytics Data section above.
• Website Hosting (Netlify): Our website is hosted by Netlify. Standard server logs may be retained for security purposes. No PHI is stored on our website hosting infrastructure.

We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes.

Your Rights Regarding Website Data

With respect to non-clinical information collected through our website, you have the right to:

• Request information about what data we hold about you
• Request correction or deletion of your contact information
• Opt out of any email communications at any time
• Opt out of Google Analytics tracking

To exercise any of these rights, contact us at the information below. We will respond within 30 days.

Minors

Our website is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13 through our website. If you believe a child under 13 has submitted information through our website, please contact us and we will promptly delete it.

For patients who are minors (under 18), additional consent and privacy considerations apply. Please contact our office to discuss appropriate arrangements.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

Continued use of our website after changes are posted constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or need to report a privacy concern, please contact:

• Privacy Officer: Dr. Aaron Rivkin, MD
• Practice: Rivkin Addiction Medicine, PLLC
• Address: 19100 Goddard Rd, Allen Park, MI 48101
• Phone: (313) 315-6922
• Email: Coming Soon

To file a complaint with the federal government regarding your HIPAA rights, contact the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr or call 1-800-368-1019. We will not retaliate against you for filing a complaint.