Dr. Rajiv Kumra, MD  |  Adolescent & Addiction Medicine  |  CA Lic. C50114 · NY Lic. 193698  |  NYC · Rocklin · San Jose

Privacy Policy

Effective Date: January 1, 2026

1. Introduction

StopADHD by Dr. Rajiv Kumra, MD ("we," "us," "our," or "StopADHD") is committed to protecting your privacy and maintaining the confidentiality of your health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, telemedicine services, and in-person evaluation services.

Dr. Rajiv Kumra, MD is licensed to practice medicine in New York and California and specializes in ADHD evaluation and medication management for adults 18 and older. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We collect personal information you provide directly, including:

  • Full name, date of birth, and contact information (email, phone, mailing address)
  • Insurance information and billing details (HSA/FSA account information if applicable)
  • Emergency contact information
  • Demographic information (gender, race, ethnicity, language preference)

2.2 Protected Health Information (PHI)

As part of our clinical services, we collect and maintain Protected Health Information, including:

  • Medical history and past psychiatric treatment
  • Current medications and allergies
  • ADHD screening results (ASRS-v1.1, GAD-7, PHQ-9, MDQ, CAGE-AID)
  • Clinical notes and assessment findings from your evaluation
  • Diagnosis and treatment recommendations
  • Medication prescriptions and ongoing titration data
  • Telemedicine visit notes and communications
  • Genetic information related to ADHD and comorbidities (if relevant)

2.3 Website Analytics and Technical Information

When you visit our website, we automatically collect certain technical information:

  • IP address and browser type
  • Pages visited and time spent on our site
  • Referring website and search terms
  • Device type and operating system
  • Cookies and similar tracking technologies

3. HIPAA Compliance and Protected Health Information

StopADHD is a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). We comply with all HIPAA Privacy, Security, and Breach Notification Rules. Your Protected Health Information is treated with the highest level of confidentiality and security.

We maintain a Notice of Privacy Practices in accordance with 45 CFR §164.520, which explains your rights regarding your health information. Upon request, we will provide you with a copy of our Notice of Privacy Practices and our Business Associate Agreements with third parties who have access to your PHI.

Your HIPAA rights include the right to: access your medical records, request corrections, request restrictions on use and disclosure, receive an accounting of disclosures, request alternative communication methods, and file complaints with the U.S. Department of Health and Human Services Office for Civil Rights.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Clinical Services: To provide ADHD evaluation, diagnosis, medication management, and ongoing psychiatric care
  • Treatment Coordination: To coordinate care with other providers or specialists you authorize
  • Quality Improvement: To improve our clinical outcomes and services
  • Billing and Payment: To process superbills, HSA/FSA claims, and payment for services
  • Legal Compliance: To comply with state and federal medical record retention laws
  • Appointment Scheduling: To manage scheduling through ZocDoc and send appointment reminders
  • Website Analytics: To understand how visitors use our website and improve user experience
  • Communications: To respond to your inquiries and send you information about our services

5. Information Sharing and Disclosure

5.1 When We Disclose PHI

We disclose Protected Health Information only when permitted or required by HIPAA, including:

  • To healthcare providers directly involved in your treatment (with your written authorization if required)
  • For health care operations such as billing and quality improvement
  • As required by law, such as court orders or mandatory reporting (e.g., imminent harm, child/elder abuse)
  • To regulatory agencies and accreditation bodies as required for oversight
  • For public health activities (e.g., disease reporting to health departments)
  • To law enforcement with valid court orders or subpoenas

5.2 What We Do NOT Do

  • We do NOT sell your health information to marketing companies, data brokers, or third parties for profit.
  • We do NOT share your information with insurance companies unless you have authorized us in writing. StopADHD is an out-of-network provider.
  • We do NOT use your information for direct marketing without your explicit consent.
  • We do NOT disclose your health information to employers or schools without a signed release.

5.3 Business Associates

We work with Business Associates who have access to your PHI under HIPAA Business Associate Agreements. These include:

  • ZocDoc: For appointment scheduling and practice management
  • Telemedicine and Electronic Health Record (EHR) providers: For secure storage and transmission of health information
  • Payment processors: For secure processing of HSA/FSA and out-of-pocket payments
  • Technical support vendors: For website and IT infrastructure management

All Business Associates are contractually bound to maintain confidentiality and security standards consistent with HIPAA regulations.

6. Data Security

We implement comprehensive physical, electronic, and procedural safeguards to protect your information, including:

  • Encryption of all protected health information in transit and at rest
  • Secure access controls and multi-factor authentication
  • Regular security audits and vulnerability assessments
  • Staff training on privacy and security best practices
  • Limited access to PHI on a need-to-know basis
  • Secure deletion protocols for outdated records
  • Incident response procedures for any potential breaches

While we implement strong security measures, no internet transmission is completely secure. We cannot guarantee absolute security of your information, but we commit to continuous improvement of our security practices.

7. Cookies and Website Analytics

Our website uses cookies and similar tracking technologies to enhance user experience and collect analytics data. These cookies do not contain Protected Health Information. You can control cookie settings through your browser preferences. Disabling cookies may affect website functionality.

We use analytics services to understand visitor behavior and improve our website. This data is aggregated and does not identify you personally. You may opt out of analytics tracking through your browser settings.

8. Third-Party Services

8.1 ZocDoc Scheduling

We use ZocDoc for appointment scheduling and practice management. When you book an appointment through ZocDoc, your information is shared with ZocDoc's servers. ZocDoc is a Business Associate under HIPAA. Review ZocDoc's privacy policy at zocdoc.com/privacy for additional information about their data handling practices.

8.2 Payment Processing

We accept HSA/FSA cards and out-of-pocket payments through secure payment processors. We do not store your credit card information. All payment transactions are encrypted and comply with PCI-DSS standards.

8.3 External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We encourage you to review the privacy policies of any third-party services before sharing personal information.

9. Your Rights Under HIPAA

You have the following rights regarding your Protected Health Information:

  • Right to Access: Request and obtain a copy of your medical records within 30 days
  • Right to Amend: Request corrections to inaccurate or incomplete health information
  • Right to Restrict Use: Request restrictions on how we use or disclose your information
  • Right to Accounting of Disclosures: Request a list of who we have disclosed your information to
  • Right to Confidential Communication: Request alternative communication methods (e.g., different phone number, email)
  • Right to Receive Notice: The right to receive this Notice of Privacy Practices in written or electronic form

To exercise any of these rights, contact us at info@stopadhd.org or (401) 228-4185. We will respond to your request within the timeframe required by law.

10. State-Specific Privacy Rights

10.1 California Consumer Privacy Act (CCPA)

If you are a California resident, you have the following rights under the CCPA:

  • Right to know what personal information is collected, used, shared, and sold
  • Right to delete personal information (with limited exceptions for medical records)
  • Right to opt-out of the sale or sharing of personal information
  • Right to correct inaccurate personal information
  • Right to limit use and disclosure of sensitive personal information

Note: StopADHD does not sell personal information. Health information is protected by HIPAA and is not subject to CCPA deletion rights when necessary to maintain medical records.

10.2 New York Privacy Rights

New York state law provides additional protections for health information. Your health records are confidential and protected by New York Public Health Law. You have the right to inspect, copy, and request amendments to your health records.

11. Mandatory Reporting

Dr. Kumra is required by law to report certain information without your consent or authorization, including:

  • Suspected child abuse or neglect
  • Suspected elder or dependent adult abuse
  • Threat of imminent harm to self or others
  • Information required by court order or legal subpoena

These disclosures are made in accordance with applicable state and federal laws and are not violations of your privacy rights.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The "Effective Date" at the top of this policy indicates when it was last revised. We will notify you of significant changes by posting the updated policy on our website and updating the effective date. Continued use of our services following notification of changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or have a privacy concern, please contact us:

StopADHD by Dr. Rajiv Kumra, MD

Email: info@stopadhd.org

Phone: (401) 228-4185

New York Office: 245 5th Avenue, 3rd fl, New York, NY 10016

Rocklin Office: 2221 Sunset Blvd, #119, Rocklin, CA 95765

San Jose Office: 125 N Jackson Rd, Unit 101, San Jose, CA 95117

File a Complaint with HHS

If you believe your privacy rights have been violated, you have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights (OCR):

HHS Office for Civil Rights

U.S. Department of Health and Human Services

200 Independence Avenue, S.W.

Washington, D.C. 20201

Website: www.hhs.gov/ocr

Important Notice: This Privacy Policy is provided for informational purposes. For complete information about your privacy rights and our compliance practices, please request a copy of our HIPAA Notice of Privacy Practices. StopADHD is committed to transparency and compliance with all applicable federal and state privacy laws, including HIPAA, CCPA, and New York privacy regulations.