This agency is considered a 42 CFR part 2 program and complies with all substance abuse confidentiality regulations in addition to other privacy laws, such as the Health Insurance Portability and Accountability Act of 1996 (HIPPA). Part 2 Programs are prohibited from disclosing any information that would identify a person as having or having had a SUD unless that person provides written consent, except in specific circumstances. Limited disclosure without a consent can only be made under the following circumstances.

a. The disclosure is made to medical personnel in a medical emergency [42 CFR § 2.51]
b. Child Abuse reporting [42 CFR § 2.12(c)(6)]|
c. Crimes on program premises or against program personnel (42 CFR § 2.12(c)(5)]
d. Court ordered disclosures when procedures and criteria are met [42 CFR §$ 2.61-2.67].
When disclosures are made under the following circumstances the recipient is prohibited from redisclosing the information without consent. except under the following restricted circumstances:
Research: Researchers who receive patient identifying information are prohibited from redisclosing the patient-identifying information to anyone except back to the program [42 CFR § 2.52(b)).
Audits and Evaluations: Part 2 permits disclosures to persons and organizations authorized to conduct audits and evaluation activities, but imposes limitations by requiring any person or organization conducting the audit or evaluation to agree in writing that it will redisclose patient identifying information only (1) back to the program, or (2) pursuant to a court order to investigate or prosecute the program (not a patient), or (3) to a government agency that is overseeing a Medicare or Medicaid audit or evaluation [42 CFR § 2.53(c)(d)].
Qualified Service Organization Agreements (QSOAs): Part 2 requires the QSO to agree in writing that in receiving, storing, processing, or otherwise dealing with any information from the program about patients, it us fully bound by Part2, it will resist, in judicial proceedings if necessary, any efforts t obtain access to information pertaining to patients except as permitted by part Part 2, and will use appropriate safeguards to prevent the unauthorized use or disclosure or protected information(42CFR § 2.11]. In addition, QSOA's may allow disclosure in certain circumstances.
Authorizing Court Orders,/b>: When information is disclosed pursuant to an authorizing court order, Part 2 requires that steps be taken to protect patient confidentiality. In a civil case, Part 2 requires that the court order authorizing a disclosure include measures necessary to limit disclosure for the patient's protection, which could include sealing from public scrutiny the record of any proceeding for which disclosure of a patient's record has been ordered [42 CFR § 2.64(e)(3)]. In a criminal case, such order must limit disclosure to those law enforcement and prosecutorial officials who are responsible for or are conducting the investigation or prosecution and must limit their use of the record to cases involving extremely serious crimes or suspected crimes. For additional information regarding the contents of court orders authorizing disclosure, see 42 CFR § 2.65(e).