Home
Partial Care (PHP) IOP (5-Day) IOP (3-Day) Virtual IOP Outpatient Program MAT Mental Health Program Family Program Alumni Program Adderall Rehab Xanax Rehab MDMA Rehab
Alcohol Opioids Heroin Cocaine Fentanyl Meth Benzos Marijuana Prescription Drugs Stimulants Nicotine Hallucinogens Gambling Anxiety Depression PTSD Bipolar Disorder OCD ADHD BPD Schizophrenia Eating Disorders Self-Harm
CBT DBT EMDR ACT Motivational Interviewing Group Therapy Family Therapy Holistic Therapy View All Therapies →
About Our Facility Our Team Admissions Insurance Contact Call (201) 781-8812
Legal

Privacy Policy

Last Updated: February 24, 2026

01

Introduction

Valley Spring Recovery Center ("we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, contact us, or receive treatment services at our facility located at 830 Broadway, Norwood, NJ 07648.

As a CARF-accredited behavioral health treatment center, we adhere to the highest standards of patient privacy and data protection. This policy applies to all information collected through our website, phone communications, in-person interactions, and any related services, sales, marketing, or events.

By accessing our website or providing your information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our services or website.

02

Information We Collect

Personal Information You Provide

We may collect the following personal information when you contact us, submit a form, or enroll in our treatment programs:

  • Full name, date of birth, and contact information (phone number, email address, mailing address)
  • Insurance information, including policy numbers and provider details
  • Medical and behavioral health history, including substance use history
  • Emergency contact information
  • Financial and billing information necessary for treatment services
  • Referral source information (e.g., referring physician, family member, or self-referral)

Protected Health Information (PHI)

As a healthcare provider, we collect and maintain Protected Health Information as defined by the Health Insurance Portability and Accountability Act (HIPAA). This includes any individually identifiable health information related to your past, present, or future physical or mental health condition, treatment, or payment for healthcare services.

Information Collected Automatically

When you visit our website, we may automatically collect certain technical information, including:

  • IP address and approximate geographic location
  • Browser type and version, device type, and operating system
  • Pages visited, time spent on pages, and navigation patterns
  • Referring website or source that led you to our site
  • Date and time of your visit
03

How We Use Your Information

We use the information we collect for the following purposes:

  • Treatment Services: To provide, coordinate, and manage your addiction treatment and mental health care, including Partial Hospitalization (PHP), Intensive Outpatient Programs (IOP), Virtual IOP, and Alumni programs
  • Insurance Verification: To verify your insurance coverage and process claims with your insurance provider
  • Communication: To respond to your inquiries, schedule appointments, send treatment-related communications, and provide aftercare support
  • Quality Improvement: To evaluate and improve the quality of our treatment programs and patient outcomes
  • Legal Compliance: To comply with applicable laws, regulations, and accreditation requirements, including HIPAA, state licensing regulations, and CARF standards
  • Website Improvement: To analyze website usage patterns and improve our online experience
  • Safety and Security: To protect the safety of our patients, staff, and community
04

How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Treatment, Payment, and Healthcare Operations: We may share your PHI with other healthcare providers involved in your care, insurance companies for payment purposes, and for internal healthcare operations as permitted by HIPAA
  • With Your Consent: We may share your information with third parties when you have provided written authorization, such as sharing treatment records with a referring provider or family member
  • Legal Requirements: We may disclose information when required by law, such as mandatory reporting of suspected abuse or neglect, court orders, or public health reporting requirements
  • Business Associates: We may share information with trusted third-party service providers who perform functions on our behalf (e.g., billing companies, electronic health record vendors) under strict Business Associate Agreements that require them to protect your information
  • Emergency Situations: We may disclose PHI to prevent or lessen a serious and imminent threat to a person or the public
42 CFR Part 2 Protection

As a substance use disorder treatment provider, your records are further protected under 42 CFR Part 2, federal regulations that provide additional confidentiality protections for substance use treatment records. These records cannot be disclosed without your specific written consent, except in limited circumstances defined by federal law.

05

HIPAA Compliance

Valley Spring Recovery Center fully complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the HITECH Act. Our HIPAA compliance program includes:

  • Notice of Privacy Practices: All patients receive a detailed Notice of Privacy Practices upon admission that explains how their health information may be used and their rights regarding that information
  • Administrative Safeguards: We maintain comprehensive policies and procedures governing the use and disclosure of PHI, conduct regular staff training, and have designated a Privacy Officer
  • Physical Safeguards: We secure our physical premises to prevent unauthorized access to areas where PHI is stored or discussed
  • Technical Safeguards: We implement encryption, access controls, audit logs, and other technical measures to protect electronic PHI
  • Breach Notification: In the unlikely event of a data breach, we will notify affected individuals and relevant authorities as required by law

A complete copy of our Notice of Privacy Practices is available at our facility and upon request. If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or the U.S. Department of Health and Human Services Office for Civil Rights.

06

Your Rights

Under HIPAA and applicable state laws, you have the following rights regarding your personal and health information:

  • Right to Access: You have the right to request access to and receive a copy of your health records and other personal information we maintain about you
  • Right to Amend: You may request that we amend your health information if you believe it is inaccurate or incomplete
  • Right to Restrict: You may request restrictions on certain uses and disclosures of your health information, although we are not required to agree to all restriction requests
  • Right to Confidential Communications: You may request that we communicate with you through specific means or at specific locations (e.g., only by mail to a particular address)
  • Right to an Accounting of Disclosures: You have the right to receive an accounting of certain disclosures of your health information made by us
  • Right to Revoke Authorization: If you have provided written authorization for the use or disclosure of your information, you may revoke that authorization at any time in writing
  • Right to File a Complaint: You may file a complaint with us or the U.S. Department of Health and Human Services if you believe your privacy rights have been violated. We will never retaliate against you for filing a complaint

To exercise any of these rights, please contact our Privacy Officer using the contact information provided at the end of this policy.

07

Cookies and Tracking

Our website uses cookies and similar tracking technologies to improve your browsing experience and analyze website traffic. These technologies include:

  • Essential Cookies: Necessary for the website to function properly, such as remembering your form inputs during an insurance verification request
  • Analytics Cookies: Help us understand how visitors interact with our website, which pages are most visited, and how users navigate through the site. We use this data to improve our website and services
  • Marketing Cookies: May be used to deliver relevant information about our treatment services to individuals who have visited our website

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling certain cookies may affect the functionality of our website.

We do not track personal health information through cookies. Our cookie practices apply only to general website usage data and do not involve any Protected Health Information.

08

Data Security

We take the security of your personal information seriously and implement a comprehensive set of security measures to protect it, including:

  • SSL/TLS encryption for all data transmitted through our website
  • Encrypted electronic health record systems with role-based access controls
  • Regular security assessments and vulnerability testing
  • Employee background checks and ongoing security awareness training
  • Physical security measures including restricted access areas and secure document storage
  • Secure data backup and disaster recovery procedures
  • Incident response protocols for potential data breaches

While we strive to protect your information using commercially reasonable safeguards, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data but are committed to promptly addressing any security incidents.

09

Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18 through our website. If we learn that we have inadvertently collected information from a child under 18 without appropriate parental or guardian consent, we will take steps to delete that information as quickly as possible.

If you are a parent or guardian and believe that your child has provided personal information to us through our website, please contact us immediately using the information provided below so that we can take appropriate action.

10

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Significant changes will be communicated through a prominent notice on our website. Your continued use of our website or services after any changes to this policy constitutes your acceptance of the updated terms.

11

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights regarding your personal information, or need to file a privacy complaint, please contact us:

Valley Spring Recovery Center

Privacy Officer / Compliance Department

830 Broadway, Norwood, NJ 07648
(201) 781-8812
privacy@valleyspringrecovery.com

You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by visiting hhs.gov/hipaa/filing-a-complaint or calling 1-800-368-1019.

Call Now Verify Insurance