Skip to main content

Privacy Policy

Effective Date: February 1, 2026

Last Updated: February 1, 2026

Introduction

MDI Helping Center - Mental Health Advisors ("MDI Helping Center," "we," "us," or "our") is a licensed addiction treatment center located at 75 E Dayton Yellow Springs Rd, Fairborn, OH 45324. We are committed to protecting the privacy and confidentiality of our patients, visitors, and all individuals who interact with our facility and our website at mdihelping.website.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information and Protected Health Information (PHI) when you visit our website, contact our treatment center, or receive care at our facility. We take our responsibilities under the Health Insurance Portability and Accountability Act (HIPAA), 42 CFR Part 2 (federal confidentiality regulations governing substance use disorder patient records), and applicable Ohio state privacy laws very seriously.

By using our website or engaging with our treatment center, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described in this policy, please discontinue use of our website and contact us with any questions.

Information We Collect

We may collect various types of information depending on how you interact with our treatment center and our website. The categories of information we collect include:

Personal Information You Provide Directly

  • Full name, date of birth, and gender
  • Mailing address, email address, and telephone number
  • Insurance information and financial data related to billing
  • Emergency contact information
  • Information submitted through contact forms, admissions inquiries, or insurance verification requests on our website
  • Information provided during phone calls, emails, or in-person consultations at our Fairborn facility

Protected Health Information (PHI)

  • Medical history, diagnoses, and treatment records
  • Substance use history and substance use disorder (SUD) treatment records
  • Mental health diagnoses and treatment documentation
  • Prescription and medication records
  • Lab results, drug screening results, and clinical assessments
  • Treatment plans, progress notes, and discharge summaries
  • Information about your participation in detox, residential, outpatient, or dual diagnosis programs at our facility

Information Collected Automatically

When you visit our website, we may automatically collect certain technical information, including:

  • IP address and approximate geographic location
  • Browser type, version, and operating system
  • Pages visited, time spent on each page, and navigation paths
  • Referring website URL and search engine keywords used to find our site
  • Device type (desktop, tablet, mobile) and screen resolution
  • Date and time of your visit

How We Use Your Information

MDI Helping Center uses collected information for the following purposes, in compliance with HIPAA, 42 CFR Part 2, and Ohio state law:

Treatment Operations

  • Providing medical detox, residential treatment, outpatient care, and dual diagnosis treatment at our Fairborn facility
  • Coordinating care among our on-site clinical team, including physicians, therapists, counselors, and nursing staff
  • Developing and updating individualized treatment plans
  • Conducting clinical assessments and intake evaluations
  • Managing medication-assisted treatment (MAT) and prescription medications
  • Facilitating referrals to other healthcare providers when medically necessary and with appropriate consent

Payment and Billing

  • Verifying insurance coverage and obtaining pre-authorization for treatment services
  • Processing claims with insurance companies and third-party payers
  • Managing patient billing, collections, and financial records
  • Coordinating with financial assistance programs when applicable

Healthcare Operations

  • Quality assurance and improvement activities at our treatment center
  • Staff training and clinical supervision
  • Compliance auditing and internal reviews
  • Licensing, accreditation, and regulatory compliance activities

Website and Communication

  • Responding to your inquiries submitted through our website, email, or phone
  • Processing admissions requests and scheduling assessments at our facility
  • Improving website functionality, content, and user experience
  • Sending communications you have requested, such as appointment reminders or follow-up information
  • Analyzing website usage to improve our digital presence and accessibility

HIPAA Compliance Note: All uses and disclosures of Protected Health Information are made in strict accordance with our Notice of Privacy Practices, HIPAA regulations (45 CFR Parts 160 and 164), and the additional protections afforded by 42 CFR Part 2 for substance use disorder treatment records. We will never use or disclose your PHI for marketing purposes without your explicit written authorization.

Information Sharing and Disclosure

MDI Helping Center does not sell, rent, or trade your personal information or Protected Health Information to third parties. We may share your information only in the following circumstances:

With Your Written Consent

We will share your PHI with third parties only when you have provided a valid, written authorization that meets the requirements of HIPAA and 42 CFR Part 2. Under 42 CFR Part 2, substance use disorder treatment records require a specific written consent form that names the recipient, the purpose of the disclosure, the extent of information to be disclosed, and an expiration date. You may revoke your consent in writing at any time, except to the extent that action has already been taken in reliance on your prior consent.

For Treatment, Payment, and Healthcare Operations

As permitted by HIPAA, we may share PHI with other healthcare providers involved in your care, with your insurance company for payment purposes, and for our facility's healthcare operations. However, disclosures of substance use disorder treatment records for these purposes are subject to the stricter consent requirements of 42 CFR Part 2.

As Required by Law

We may disclose information when required by federal, state, or local law, including but not limited to:

  • Court orders that meet the specific requirements of 42 CFR Part 2, Subpart E
  • Mandatory reporting obligations, such as suspected child abuse or neglect under Ohio Revised Code Section 2151.421
  • Public health reporting requirements
  • Responses to valid subpoenas accompanied by a proper court order (for SUD records)
  • Threats of serious and imminent harm to yourself or others, as permitted under Ohio law

Business Associates

We may share PHI with third-party vendors ("business associates") who perform services on our behalf, such as billing companies, electronic health record providers, and IT service providers. All business associates are required to sign a HIPAA Business Associate Agreement (BAA) that obligates them to safeguard your information and use it only for the purposes specified in the agreement.

De-Identified Information

We may use and share de-identified information (information from which all personal identifiers have been removed in accordance with HIPAA standards) for research, statistical analysis, and quality improvement purposes. De-identified information cannot be used to identify you.

Cookies and Tracking Technologies

Our website at mdihelping.website uses cookies and similar tracking technologies to enhance your browsing experience and help us understand how visitors use our site.

Types of Cookies We Use

  • Essential Cookies: These cookies are necessary for the basic functioning of our website, including page navigation and access to secure areas. The website cannot function properly without these cookies.
  • Analytics Cookies: We use analytics tools to collect aggregate, anonymous information about how visitors interact with our website. This data helps us understand which pages are most useful, identify technical issues, and improve overall site performance. Analytics cookies do not collect Protected Health Information.
  • Functionality Cookies: These cookies allow our website to remember choices you make (such as preferred font size or region) and provide enhanced, more personalized features.

Managing Cookies

You can control and manage cookies through your browser settings. Most web browsers allow you to refuse cookies, delete existing cookies, or alert you when a cookie is being placed. Please note that disabling certain cookies may affect the functionality of our website. Instructions for managing cookies can typically be found in your browser's "Help" or "Settings" menu.

Do Not Track

Our website respects "Do Not Track" (DNT) signals sent by your browser. When we detect a DNT signal, we do not engage in tracking your browsing activity across other websites.

Important Privacy Note

We do not use cookies or tracking technologies to collect Protected Health Information. Our website analytics are limited to general usage patterns and do not track or store any clinical or treatment-related data. If you submit information through our website contact forms or admissions inquiry forms, that information is transmitted securely and handled in accordance with HIPAA regulations, not through cookie-based tracking.

Your Rights

You have specific rights regarding your personal information and Protected Health Information under HIPAA, 42 CFR Part 2, and Ohio state law. These rights include:

Right to Access

You have the right to request access to your Protected Health Information maintained by MDI Helping Center. This includes your medical records, treatment plans, billing records, and other documentation related to your care at our facility. We will respond to your request within 30 days, as required by HIPAA. A reasonable, cost-based fee may apply for copies of records.

Right to Amend

You have the right to request that we amend your PHI if you believe it is inaccurate or incomplete. We will review your request and respond within 60 days. If we deny your request, we will provide a written explanation and inform you of your right to submit a statement of disagreement.

Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures we have made of your PHI during the six years prior to your request (or a shorter period if you prefer). This accounting will not include disclosures made for treatment, payment, or healthcare operations, nor disclosures made with your written authorization.

Right to Request Restrictions

You have the right to request that we restrict certain uses and disclosures of your PHI. While we are not required to agree to all restrictions, we must comply with your request to restrict disclosure to a health plan for services you have paid for in full out of pocket.

Right to Confidential Communications

You have the right to request that we communicate with you about your health information in a particular way or at a specific location. For example, you may request that we contact you only at your work phone number or by mail to a specific address.

Right to Revoke Authorization

If you have provided written authorization for us to disclose your information, you have the right to revoke that authorization in writing at any time, except to the extent that we have already taken action in reliance on the authorization.

Right to Request Deletion

For non-PHI personal information collected through our website (such as contact form submissions or email correspondence unrelated to treatment), you may request that we delete your information from our systems. Please note that we are required by law to retain medical and treatment records for a minimum period as specified by Ohio state law and federal regulations, and such records cannot be deleted upon request during the mandatory retention period.

Right to File a Complaint

If you believe your privacy rights have been violated, you have the right to file a complaint with:

  • MDI Helping Center's Privacy Officer at the contact information listed below
  • The U.S. Department of Health and Human Services, Office for Civil Rights
  • The Ohio Department of Health

We will not retaliate against you for filing a complaint.

How to Exercise Your Rights

To exercise any of the above rights, please contact our Privacy Officer by email at [email protected], by phone at (216) 340-9002, or by mail at 75 E Dayton Yellow Springs Rd, Fairborn, OH 45324. We may require written verification of your identity before processing certain requests.

HIPAA Notice and Protected Health Information

As a licensed addiction treatment center, MDI Helping Center is a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This means we are legally required to maintain the privacy and security of your Protected Health Information and to provide you with notice of our legal duties and privacy practices.

What is Protected Health Information (PHI)?

Protected Health Information includes any individually identifiable health information that is created, received, maintained, or transmitted by our treatment center. This includes information related to your past, present, or future physical or mental health conditions, the provision of healthcare services at our facility, and payment for those services.

Additional Protections Under 42 CFR Part 2

Because MDI Helping Center provides substance use disorder treatment, your records related to substance use disorder diagnosis, treatment, and referral are further protected by federal regulation 42 CFR Part 2 (Confidentiality of Substance Use Disorder Patient Records). These regulations provide stricter privacy protections than HIPAA alone and include the following key provisions:

  • Consent Requirement: Information related to your substance use disorder treatment generally cannot be disclosed without your specific, written consent, even to other healthcare providers, family members, or law enforcement, except in limited circumstances defined by the regulation.
  • Court Orders: A court order authorizing disclosure of substance use disorder records must meet specific criteria outlined in 42 CFR Part 2, Subpart E, which requires a finding of "good cause" by the court.
  • Medical Emergencies: We may disclose your substance use disorder treatment information to medical personnel in a genuine medical emergency without your prior consent, but only to the extent necessary to address the emergency.
  • Research: Your records may be disclosed for research purposes only with your consent or under protocols approved by an Institutional Review Board (IRB) that include appropriate safeguards.
  • Audit and Evaluation: Disclosures may be made to qualified personnel for the purpose of conducting audits or evaluations of our treatment programs, subject to the specific requirements of 42 CFR Part 2.
  • Re-Disclosure Prohibition: Any information disclosed from your substance use disorder treatment records is accompanied by a written statement prohibiting the recipient from further disclosing the information without your additional written consent, except as permitted by law.

Patient Rights Specific to Addiction Treatment

In addition to the general privacy rights listed above, as a patient receiving addiction treatment at our Fairborn facility, you have the following rights:

  • The right to receive a copy of our Notice of Privacy Practices at the time of your admission to our treatment center
  • The right to be informed about the federal and state confidentiality protections that apply to your substance use disorder treatment records
  • The right to give or withhold consent for each specific disclosure of your treatment records, including disclosures to family members, employers, and other healthcare providers
  • The right to have your treatment records maintained separately from general medical records when required for additional protection
  • The right to be notified of any breach of your unsecured PHI as required by the HIPAA Breach Notification Rule

How We Handle Medical Records

MDI Helping Center maintains all patient medical records and substance use disorder treatment records in a secure, controlled environment at our facility. Our record-keeping practices include:

  • Electronic Health Records (EHR) are maintained in HIPAA-compliant systems with role-based access controls, ensuring that only authorized clinical staff can access patient information
  • Physical records, if any, are stored in locked, access-controlled areas within our Fairborn treatment facility
  • All staff members who have access to patient records receive comprehensive training on HIPAA requirements and 42 CFR Part 2 regulations
  • Records are retained in accordance with Ohio state law requirements (Ohio Administrative Code 3701-83-21) and applicable federal regulations
  • Record destruction, when permitted by law after the mandatory retention period, is conducted using secure methods that prevent unauthorized access to the information

Data Security

MDI Helping Center implements comprehensive administrative, technical, and physical safeguards to protect your personal information and Protected Health Information, as required by the HIPAA Security Rule (45 CFR Part 164, Subparts A and C).

Technical Safeguards

  • Encryption of data in transit using industry-standard TLS/SSL protocols for all website communications and electronic data exchanges
  • Encryption of data at rest for electronic Protected Health Information stored on our systems
  • Secure access controls, including unique user IDs, strong passwords, and multi-factor authentication for systems containing PHI
  • Regular vulnerability assessments and security testing of our information systems
  • Automatic session timeouts and audit logging for all access to electronic health records
  • Firewall protection and intrusion detection systems for our network infrastructure

Administrative Safeguards

  • Designated Privacy Officer and Security Officer responsible for overseeing compliance with privacy and security requirements
  • Comprehensive workforce training on HIPAA privacy and security regulations, 42 CFR Part 2 requirements, and our facility's privacy policies and procedures
  • Background checks for all staff members who have access to Protected Health Information
  • Sanctions policy for workforce members who violate privacy and security policies
  • Business Associate Agreements with all third-party vendors who access or process PHI on our behalf
  • Regular risk assessments to identify and address potential vulnerabilities
  • Incident response procedures for promptly addressing any security incidents or potential breaches

Physical Safeguards

  • Restricted access to areas within our Fairborn treatment facility where PHI is stored or accessible
  • Workstation security policies that require screen locking and proper log-off procedures
  • Secure disposal of physical media and documents containing PHI through shredding or other approved destruction methods
  • Visitor access controls and sign-in procedures for areas where PHI may be accessible

While we implement extensive security measures, no method of electronic transmission or storage is completely secure. If you have reason to believe that your interaction with our website or treatment center is no longer secure, please contact us immediately at (216) 340-9002 or [email protected].

Children's Privacy

Our website and online services are not intended for individuals under the age of 18. MDI Helping Center does not knowingly collect personal information from children under 18 through our website. If you are under 18, please do not submit any personal information through our website, including through contact forms, admissions inquiries, or email.

If a parent or guardian becomes aware that their child under the age of 18 has provided personal information to us through our website without their consent, please contact us immediately at [email protected] or (216) 340-9002. Upon verification, we will take prompt steps to delete such information from our systems.

Please note that this section pertains to information collected through our website. The treatment of minors at our physical treatment facility, when applicable and permitted by Ohio law, is governed by separate consent and privacy requirements, including parental or guardian consent for treatment and the privacy protections afforded to minor patients under HIPAA and Ohio law.

Changes to This Privacy Policy

MDI Helping Center reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational needs. When we make changes, we will:

  • Update the "Effective Date" and "Last Updated" date at the top of this page
  • Post the revised Privacy Policy on our website at mdihelping.website/privacy.html
  • For material changes that affect how we handle Protected Health Information, provide notice through our website and, when feasible, direct communication to affected individuals

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services at our treatment center after any changes to this Privacy Policy constitutes your acceptance of the revised terms.

Ohio State Privacy Laws

In addition to federal regulations, MDI Helping Center complies with all applicable Ohio state laws regarding the privacy and confidentiality of personal and health information, including but not limited to:

  • Ohio Revised Code Chapter 3798 (Ohio Personal Privacy Act): We comply with Ohio's data protection requirements regarding the collection, use, and storage of personal information.
  • Ohio Revised Code Section 2317.02 (Physician-Patient Privilege): Communications between our clinical staff and patients at our Fairborn facility are protected by Ohio's physician-patient privilege, which limits the circumstances under which such communications may be disclosed in legal proceedings.
  • Ohio Administrative Code 3701-83 (Alcohol and Drug Addiction Programs): As a licensed addiction treatment center in Ohio, we adhere to all state regulations governing the confidentiality of patient records in alcohol and drug addiction programs, including record retention requirements.
  • Ohio Data Breach Notification Law (ORC 1349.19): In the event of a data breach affecting your personal information, we will provide notification in accordance with Ohio's breach notification requirements, in addition to the federal HIPAA Breach Notification Rule.

Contact Us About Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy, your privacy rights, or how we handle your personal information and Protected Health Information, please contact our Privacy Officer:

MDI Helping Center - Mental Health Advisors
Privacy Officer
75 E Dayton Yellow Springs Rd
Fairborn, OH 45324

Phone: (216) 340-9002
Email: [email protected]
Hours: Available 24 hours a day, 7 days a week

For questions specifically about your treatment records or to exercise your HIPAA rights, you may also visit our treatment center in person at the address above during regular business hours. Our admissions team and Privacy Officer are available to assist you with any privacy-related inquiries.

If you believe your privacy rights have been violated, you may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights, at www.hhs.gov/ocr/privacy/hipaa/complaints/ or by calling 1-800-368-1019.

Begin Your Recovery Journey Today

Our compassionate admissions team at our Fairborn treatment center is available 24/7 to answer your questions and help you take the first step toward lasting recovery.

(216) 340-9002 Contact Our Facility