Privacy Policy

Next Step ABA > Privacy Policy

NextStep ABA (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy outlines how we collect, use, share, and protect information provided through our website, www.nextstepaba.net, and in connection with our Applied Behavior Analysis (ABA) therapy services.

1. Information We Collect

a. Personal Information

We may collect personal details you provide directly, including:

  • Full name
  • Email address
  • Phone number
  • Mailing address
  • Child’s name and date of birth
  • Insurance information
  • Details shared via contact or intake forms

b. Health Information (Protected Health Information – PHI)

If you are a client or a prospective client, we may collect health-related data as part of our services. This information is protected under the Health Insurance Portability and Accountability Act (HIPAA).

c. Automatically Collected Information

When you access our website, we may collect:

  • IP address
  • Browser and device type
  • Pages visited
  • Time spent on the site
  • Referring URL

Cookies or similar technologies may be used for website analytics and performance.

2. How We Use Your Information

We may use the information we collect to:

  • Respond to your questions or service inquiries
  • Provide and manage ABA therapy services
  • Schedule appointments and send reminders
  • Process billing and verify insurance
  • Improve our website and services
  • Meet legal, regulatory, or licensing requirements

3. Information Sharing

We do not sell or rent your personal information. We may share information with:

  • Licensed clinicians and administrative staff at NextStep ABA
  • Insurance providers and billing services
  • HIPAA-compliant third-party vendors (e.g., scheduling software, web hosting, analytics)
  • Legal or regulatory authorities, when required by law

All sharing of PHI is conducted in accordance with HIPAA regulations.

4. Your HIPAA Rights

As a client, you have the right to:

  • Access your or your child’s health records
  • Request corrections to inaccurate information
  • Request limits on how your information is used or disclosed
  • Receive confidential communications in a specified format or location
  • File a privacy complaint with us or the U.S. Department of Health & Human Services

To exercise any of these rights, contact us using the information below.

5. Data Security

We maintain administrative, technical, and physical safeguards to protect your personal and health information, including:

  • SSL encryption on our website
  • Secure servers and limited-access systems
  • Staff training in HIPAA compliance

Please note, no method of transmission over the internet is completely secure. For highly sensitive information, we recommend contacting us directly.

6. Children’s Privacy

We do not knowingly collect personal information directly from children under the age of 13 without verified parental or guardian consent. All client information is collected from parents or legal guardians.

7. Third-Party Links

Our website may include links to other websites not operated or controlled by NextStep ABA. We are not responsible for the privacy practices or content of third-party websites.

8. Your Choices

You may:

  • Opt out of non-essential communications
  • Manage cookies through your browser settings
  • Request access to or deletion of your information (where legally permitted)

Some data may be retained for compliance or operational reasons.

9. Policy Updates

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Effective Date.” Your continued use of the website or services after changes are made indicates acceptance of the revised policy.