ASD.me takes privacy and protection of all Protected Health Information (PHI) e.g., patient-clinician communications, healthcare records, and documentation very seriously. As mentioned above, we utilize SimplePractice, a HIPAA-compliant practice management telehealth software for state-licensed Practitioners. ASD.me ensures the confidentiality, integrity, and availability of all electronic and paper PHI created, received, maintained, or transmitted, and will identify and protect against all reasonably anticipated threats to the security or integrity of the information, impermissible uses, or disclosures. ASD.me will not release any information regarding an individual’s diagnosis or condition without the informed written consent of the patient or his or her family or under the compulsion of legal process. To safeguard the confidentiality of individuals with disabilities, evaluators may withhold or redact any portion of the documentation that is not directly relevant to ASD.me criteria for establishing a diagnosis of a disability as defined by the Americans with Disabilities Amendments Act (ADAA). If a section of a report has been redacted, the evaluator should provide an acknowledgment and rationale for this action. To ensure HIPAA compliance, ASD.me will conduct all required audits and assessments under HIPAA rules, will do our due diligence in identifying and documenting gaps in compliance when found, establish a written remediation plan to address and correct deficiencies, provide all ASD.me staff with training on HIPAA compliance, create policies and procedures dedicated to HIPAA Privacy, Security, and Breach Notification Rules, identify, regularly monitor, and perform due diligence on all ASD.me vendors and business associates to assess their HIPAA compliance, and establish a process to identify incidents of violations and security breaches.