Privacy Notice

Purpose of Privacy Notice

The purpose of the privacy notice is to notify everyone about Reach High Consulting’s data protection practices and policies. Reach High Consulting acts as its own data controller meaning we are responsible for keeping your personal data stored securely and that we may use your personal data to perform some of our essential job functions.

Why Do You Need My Personal Data?

The legalities surrounding the data that is collected and processed is primarily tied to our ethical and legal requirements to provide sufficient data to insurance providers regarding completion of services for your child. We are required to securely store the information for at least 7 years before it can be permanently destroyed. Reach High Consulting uses your personal data to complete the following functions:

  • Billing and Reimbursement
  • Communication
  • Staff Training (Child Programming Data)
  • Scheduling and Care Management
  • Direct Services

We also use programming data collected during your child’s sessions to monitor how effective our treatment plans are and to provide us with some insight for future services we provide to other patients.

Who is Collecting the Data?

Direct Care Staff

They work with your children daily running programs written by our clinicians. The data they collect is regarding your child’s progression with programs and information about their behaviors throughout the sessions.

Clinical Team

The Clinical Team utilizes the information collected by Direct Care Staff to revise and update treatment plans that include goals for your children and include the programs to help them achieve those goals.

Operational Team & Administrative Staff

Our administrative staff members support the programming team with backend management including tasks like billing, scheduling and communicating with families. Financial information utilized for co-payments and deductibles is not made accessible to members of our programming team.

Data Storage Methods

All paper data that is collected and stored is kept in locked filing cabinets that only authorized personnel have access to. For long-term storage, data is digitized and securely stored using encrypted cloud-storage. Most of the data collected at RHC is collected and stored digitally to reduce the risk of unauthorized access to personally identifiable information about you, your family, or your child.

Third Party Sharing

We share personally identifiable information about your child with your insurance provider for the purposes of our legal obligation to sufficiently prove completion of services. We do not share more information than is necessary for the service provided by any of our third-party contacts.

Your Rights to Your Data or Your Child’s Data


You have the right to access information regarding the progress your child is making according to treatment plan goals and the data that is collected during services. You can request a record of our current information for you or your child to verify and correct personal data that has been collected.


We are required, by law, to maintain records for services provided for at least 7 years, therefore we cannot always delete the data we have on file regarding you or your child’s services. This data is securely stored, and access is restricted in accordance with HIPAA laws.


You have a right to request that we halt or restrict data collection about your child, however, we will not be able to provide adequate services without your consent to collect data about your child. This request may result in a termination of services.


We make it a point to make our programming data easily accessible through our practice management system. Questions or concerns can be addressed by the clinician overseeing your child’s case. You can request that we send your child’s information and data to another authorized provider for transitioning purposes.

Privacy Notice Contact Information

If you have any questions regarding our privacy notice or the use of your information, please contact our Compliance Officer using the following link:


Consent is required for Reach High Consulting and Therapy to process both types of personal data (personally identifiable and non-identifiable), but it must be explicitly given. Where we are asking you for sensitive personal data we will always tell you why and how the information will be used.

You may withdraw consent at any time. The withdrawal is not complete until you receive written confirmation indicating that Reach High Consulting has received and processed your withdrawal request. Please note that withdrawal of consent may result in the termination of services if we are unable to fulfill our ethical and legal obligations to you as a patient.