Privacy Policies: Legal Considerations cont.

Privacy Policies in Recovery Housing > Privacy Policies: Legal Considerations cont.


When it comes to privacy, one of the first things we think of are the laws that protect the privacy of individuals when seeking treatment or health care. 

There are two laws that an organization need to be aware of when considering the privacy of residents as well as the storage and handling of records.  These are 42 CFR Part 2  and HIPAA.  These laws may or may not apply to how an organization is structured and the specific services the larger organization provides.   

  1. The first law you should be aware of is 42 CFR Part 2 it is a law designed to protect the privacy of individuals seeking treatment for substance use disorders.  This law applies to any “federally assisted” program that provides substance use or alcohol use disorder treatment, diagnosis or referrals.
  2. The second law you may have heard about is the Health Insurance Portability and Accountability Act (HIPAA).

Recovery homes are not considered treatment programs, but they may come into contact with information from a treatment program, or receive federal assistance for their program.  An organization may also be a part of a larger multi-service organization that has access to specific types of information. BUT recovery homes are not treatment providers or health care providers, and they do not provide treatment services at the recovery home.

Even if these laws do not apply to a recovery housing organization, it is important to at least be aware of them, because an organization will likely be sharing information with other organizations, such as doctors and treatment centers, where these laws do apply – and understanding how these laws impact service partners will help your organization be a more effective partner and ensure you are keeping resident information safe.

(LEARN MORE from SAMHSA about Substance Use Confidentiality Regulations HERE.)

(LEARN MORE HHS about Who Must Comply with HIPAA HERE.)