EMERGENCY: Call or text 988

Welcome to the Department of Behavioral Health and Intellectual Disabilities Services

Department of Behavioral Health and Intellectual disAbility Services


HIPAA Notice of Privacy Practices
City of Philadelphia


We are required by law to protect the privacy of your health information. We also are required to send you this Notice, which explains how we may use information about you and when we can give it out or “disclose” it to others. You also have rights regarding your health information that are described in this Notice. We are required by law to follow the terms of this Notice.

The term “information” or “health information” in this Notice includes any information we maintain that reasonably can be used to identify you and that relates to your physical or mental health condition, the provision of health care to you, or the payment for such health care.


We may use and disclose your health information without your permission for your treatment, to pay for your health care and to operate our business as follows:

  • For Payment:
    We may use and disclose your health information in order to pay for the treatment and services you receive from healthcare providers, to determine your eligibility for benefits and our responsibility to pay benefits for claims submitted for your treatment, and to process claims for health care services you receive, including coordination of other benefits you may have. For example, we may tell your doctor whether you are eligible for coverage and what percentage of the bill may be covered. We also may share your health information with other government programs such as Medicaid and Medicare to coordinate benefits.
  • For Treatment:
    We may use or disclose your health information to arrange for your treatment or the coordination of your care. For example, we may disclose information to your physicians or hospitals to help them provide medical care to you.
  • For Health Care Operations:
    We may use and disclose your health information for certain internal business activities. For example, we may review information we receive from your health care providers to evaluate how well our programs are working or to determine the need for and quality of health care services provided to you and/or your family.
  • For Reminders and Other Information:
    We may use your health information to contact you to remind you about your appointments with providers who treat you, to give you information on treatment alternatives, and to provide you with information on other health related benefits and services.

We also may use or disclose your health information, in most cases without your permission, [simple_tooltip content=’Special Protections for Sensitive Information: Federal and Pennsylvania laws require special privacy protections for certain sensitive information about you. Generally, we are required to get your written permission to release any alcohol or drug abuse treatment information relating to you or information that would show that you have HIV of AIDS. In some situations, Pennsylvania law also requires us to have your written permission before we disclose any mental health or intellectual disability information relating to you.’](2)[/simple_tooltip] for the following purposes:

  • Required by Law:
    We may use or disclose your health information when and to the extent we are required by law to do so.
  • Business Associates:
    Sometimes we arrange with individuals and businesses that are not part of DBHIDS to perform certain functions on our behalf. These individuals and businesses (referred to as our “business associates”) are required to sign a contract with us to protect the privacy of your information and are not allowed to use or disclose any information other than as specified in our written agreement with them.
  • The County Administrator:
    We are permitted to share your health information with the County Administrator or his/her designee who is responsible for overseeing mental health services and must receive information regarding the City’s mental health operations to carry out his or her responsibilities.
  • Commitment Proceedings:
    During the course of an involuntary commitment proceeding, the judge may direct that the court, or a mental health review officer assigned under the Mental Health Procedures Act, have access to your health information for purposes of conducting the hearing. If you are the subject of an involuntary commitment proceeding, your health information will be shared with attorneys assigned to represent you.
  • To Avert Serious Threat to Health/Safety:
    We may use or disclose information when necessary to prevent a serious threat to your health or safety or the health and safety of the public or another person. Any disclosure, however, must be to someone who may be able to help prevent the threat.
  • Specialized Government Functions:
    We may disclose your health information requested by the federal government for specialized functions such as national security and intelligence activities, protective services for the President and others, and military and veteran activities.
  • Public Health Purposes:
    We may disclose your health information for public health purposes to a public health authority that is legally authorized to collect or receive your health information for the purpose of preventing or controlling disease, injury or disability, including but not limited to the reporting of disease, births and deaths.
  • Correctional Institutions:
    If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may disclose your health information as necessary (1) for the institution to provide you with health care; (2) to protect the health and safety of you and others; or (3) for the safety and security of the correctional institution.
  • Reporting Abuse:
    When required by law, we may disclose to authorities the health information of anyone who we reasonably believe is a victim of abuse or neglect. Under Pennsylvania law, we are not permitted to report domestic violence to authorities without your consent.
  • Health Oversight Activities:
    We may disclose your health information to a health oversight agency for activities authorized by law such as audits, investigations, licensing and inspections. These activities are needed for the government to oversee the healthcare system.
  • Judicial and Administrative Proceedings:
    We may disclose your health information in response to a court order, subpoena or administrative request.
  • Law Enforcement:
    In certain circumstances, we may disclose your health information to law enforcement officials in response to a court order, subpoena, warrant, or similar process. We also may disclose limited health information to law enforcement to identify or locate a suspect, fugitive, witness, or victim of a crime or to report a crime on our premises.
  • Research:
    We may use or disclose your health information for research purposes without your permission only after a special approval process that protects patient safety and confidentiality or if information that may directly identify you is removed. We also may allow researchers to look at records in our offices to help develop their research project or for related purposes, as long as the researchers do not remove the records from our offices or copy any health information.
  • Food and Drug Administration (FDA):
    We may disclose your health information to the FDA about problems with food, supplements, product and product defects, or post marketing surveillance information so that the FDA may call for product recalls, repairs, or replacements.
  • Workers Compensation:
    We may disclose your health information as authorized by law to comply with laws relating to workers compensation or other similar programs established by law.
  • Coroners, Funeral Directors and Organ Donation:
    We may disclose your information to a coroner or medical examiner for identification purposes, cause of death determinations, organ donation, and related reasons. We also may disclose information to funeral directors as needed to carry out their duties.
  • Reports:
    If an employee or business associate believes in good faith that we engaged in unlawful conduct or otherwise violated professional or clinical standards and are potentially hurting individuals, workers or the public, we may give your health information to an appropriate health oversight agency, public health authority or attorney.
  • Breach Notification:
    We may use your contact information and other health information to investigate and notify you or government authorities of an unauthorized acquisition, use, or disclosure of or possible access to your health information.

If you are present and do not object or if it is an emergency and we determine that it is in your best interest, we may disclose your health information:

  • To a relative or someone who is involved in your care or health care payment;
  • To notify or assist in notifying a family member or personal representative of your location and general condition;
  • To legally authorized disaster relief agencies to coordinate with such agencies during an emergency or disaster.

Uses and Disclosures that Require Your Written Permission:

In any situation not described above, we will not use or disclose any of your health information unless you sign a written authorization that gives us permission to do so. If you sign an authorization and later change your mind, you can let us know in writing. This will stop any future uses and disclosures of your information but will not require us to take back any information we already disclosed.

We will not use or disclose your health information for marketing purposes or sell your health information without your authorization.


You have the following rights regarding your health information:

  • You have the right to inspect and request a copy of medical and billing records maintained and used by us to make decisions about you. On rare occasions, we may deny your request to view or receive a copy of some information in the record. You will be charged a fee for the cost of copying, mailing, and supplies associated with your request as permitted under Pennsylvania law.
  • You have the right to request that we communicate with you in certain ways (such as by letter or phone) or at a certain location. For example, you may ask that we only contact you at home or at work. Your request must be in writing and specify how or where you wish to be contacted. We will accommodate reasonable requests.
  • If you think some of the health or other information we have in your record is wrong or incomplete, you have the right to ask us in writing to correct or add new information. In certain cases, we may deny your request to add or correct information. If we deny your request, we will provide you a written explanation of why we denied your request and explain what you can do if you disagree with our decision.
  • You have the right to request an “accounting of disclosures”. This is a list of persons or organizations to which we have disclosed your health information for certain purposes. Your request may cover any disclosures made in the six years before the date of your request.
  • You have the right to receive notice, as required under federal regulation, of an unauthorized access, use, or disclosure of your health information. “Unauthorized” means that the access, use, or disclosure was not authorized by you or permitted by law without your authorization.
  • You have the right to ask that your health information not be shared in certain circumstances. We are not required to agree to your request. If we agree, we will comply with your request unless we notify you otherwise or the information is needed to provide you with emergency treatment.
  • You have the right to receive a paper copy of this Notice of Privacy Practices upon request.
  • If you are younger than 18 years old and have the legal right to consent to your own health care, then you control the access to and disclosure of health information relating to such care.


Contacting DBHIDS:
If you have any questions about this Notice, please contact:

DBHIDS Privacy Officer
1101 Market Street, 7th Floor
Philadelphia, PA 19107
Phone: (215) 685-4768

Submitting a written request:
If you want to exercise any of your rights listed above, mail your written request to:

DBHIDS Privacy Officer
1101 Market Street, 7th Floor
Philadelphia, PA 19107
Phone: (215) 685-4768

Submitting a virtual or digital request:
If you want to exercise any of your rights listed above, please complete the PHI Release from DBHIDS – Authorization Form and email the completed form to DBHIDS.HIPAA@Phila.gov

HIPAA Breach Hotline: (215) 685-4763 or (888) 858-1748

Submitting a complaint:
If you believe that your privacy rights have been violated, you may submit a complaint to the City by contacting the City-wide HIPAA Privacy Officer. The City-wide HIPAA Privacy Officer may be reached at:

City-wide HIPAA Privacy Officer
City of Philadelphia Law Department
1515 Arch St., 15th Floor
Philadelphia, PA 19102
Phone: (215) 683-5237

You also may file a complaint with the Secretary of the U.S. Department of Health and Human Services at the following address:

U.S. Department of Health & Human Services Region III Office for Civil Rights
150 S. Independence Mall West, Suite 372
Philadelphia, PA 19106-9111

It is safe to file a complaint. No one may hold it against you.

Effective Date and Duration of This Notice:

This Notice is effective on Sept. 16, 2013.

We have the right to change our privacy practices and the terms of this Notice at any time. We reserve the right to apply any changes in our Notice to information we already have and to information that we receive in the future. If we make an important change to our Notice, we will post the revised Notice online at www.phila.gov.You also may obtain a revised Notice by contacting the DBHIDS HIPAA Privacy Officer.

You can download a copy of our HIPAA Notice of Privacy Practices here

Last modified: Jul 16, 2024 @ 8:59 am