Privacy Policy

Clearmind Mental Health Therapy Services LLC

Effective Date: Feb 17th 2026

Last Updated: Feb 17th 2026

This Privacy Policy describes how Clearmind Mental Health Therapy Services LLC ("we," "us," "our," or "the Practice") collects, uses, protects, and shares your personal information when you visit our website at www.clearmindmhservices.com or receive therapy services from us. This policy applies to all clients and website visitors.

1. Information We Collect

We collect several types of information to provide and improve our services:

Personal Information

• Contact Information: Name, email address, phone number, and mailing address
• Appointment Information: Scheduling details, session notes, treatment plans
• Health Information: Mental health history, symptoms, diagnoses, treatment information, medication information, and other Protected Health Information (PHI) as defined by HIPAA
• Insurance Information: Insurance provider details, policy numbers, and billing information
• Payment Information: Credit card details or other payment method information (processed through secure third-party payment processors)
• Emergency Contact Information: Names and contact details of individuals to contact in case of emergency

Technical Information

• Website Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and referring website
• Cookies and Tracking Technologies: We use cookies and similar technologies to improve website functionality and analyze usage patterns

Methods of Collection

We collect information through:

• Contact forms on our website
• Phone and email communications
• Virtual therapy sessions via secure telehealth platforms
• Intake forms and assessments
• Insurance verification processes
• Website analytics tools
• UserWay accessibility features

2. How We Use Your Information

We use the information we collect for the following purposes:

Treatment and Care

• Providing mental health therapy services
• Developing and implementing treatment plans
• Coordinating care with other healthcare providers (with your consent)
• Maintaining accurate clinical records

Practice Operations

• Scheduling and managing appointments
• Processing payments and billing
• Verifying insurance coverage and submitting claims
• Responding to your inquiries and requests
• Improving our services and website functionality

Legal and Compliance

• Complying with applicable laws and regulations, including HIPAA
• Responding to legal requests, court orders, or subpoenas
• Protecting against fraud and unauthorized access
• Maintaining required records as mandated by professional licensing boards

Communication

• Sending appointment reminders
• Providing information about our services
• Responding to your questions or concerns

3. How We Share Your Information

We respect your privacy and will not sell your personal information to third parties. We may share your information only in the following circumstances:

With Your Consent

We will share your information with third parties when you provide explicit written authorization.

Service Providers

We may share information with trusted third-party service providers who assist us in operating our practice, including:

• Telehealth Platforms: Secure video conferencing services for virtual therapy sessions
• Payment Processors: Secure payment processing services for billing
• Insurance Companies: For claims processing and payment (when applicable)
• IT Service Providers: For data storage, security, and technical support
• Practice Management Software: For scheduling and record-keeping

These service providers are contractually obligated to maintain the confidentiality and security of your information and may only use it for the purposes we specify.

Legal Requirements

We may disclose your information when required by law, including:

• In response to court orders, subpoenas, or legal processes
• To comply with mandatory reporting requirements (e.g., suspected child abuse, imminent danger to self or others)
• To protect the rights, property, or safety of our practice, clients, or others
• In response to law enforcement requests when legally required

Healthcare Operations

We may share limited information with other healthcare providers involved in your care, professional consultants, or peer supervision (with identifying information removed when possible), as permitted under HIPAA.

Business Transfers

In the event of a merger, acquisition, or sale of our practice, your information may be transferred to the new owner, with appropriate confidentiality protections in place.

4. How Long We Retain Your Information

We retain your personal and health information in accordance with:

• Federal and State Laws: Including HIPAA requirements
• Professional Licensing Requirements: As mandated by the Maryland and Delaware licensing boards for clinical social workers
• Legal and Ethical Obligations: To maintain accurate records for continuity of care

Retention Periods:

• Active Client Records: Maintained for the duration of the therapeutic relationship plus a minimum of 7-10 years after the last date of service
• Terminated Client Records: Retained for a minimum of 7-10 years following termination of services, or longer if required by law
• Minor Client Records: Retained until the client reaches age 21, plus 7-10 years, or as required by state law
• Billing and Payment Records: Retained for a minimum of 7 years as required by tax and accounting regulations
• Website Analytics Data: Retained for up to 26 months

After the required retention period, records are securely destroyed through shredding (paper records) or secure deletion (electronic records).

Deletion Protocol: If you request deletion of your information, we will comply to the extent permitted by law, but we may be required to retain certain information for legal, regulatory, or professional obligations.

5. How We Protect Your Information

We take the security of your personal and health information seriously and implement multiple safeguards:

Technical Safeguards

• Encryption: All electronic PHI is encrypted both in transit (using SSL/TLS protocols) and at rest
• Secure Telehealth Platform: Virtual sessions are conducted using HIPAA-compliant, encrypted video conferencing services
• Access Controls: Password protection, multi-factor authentication, and role-based access limitations
• Firewall Protection: Network security measures to prevent unauthorized access
• Regular Security Updates: Software and systems are regularly updated with security patches

Physical Safeguards

• Secure Storage: Physical records (if any) are stored in locked, secure locations
• Device Security: Work devices are password-protected and encrypted
• Limited Access: Only authorized personnel have access to client information

Administrative Safeguards

• Staff Training: All personnel receive regular training on HIPAA compliance and privacy practices
• Business Associate Agreements: All third-party service providers who handle PHI sign agreements ensuring HIPAA compliance
• Privacy Policies and Procedures: Written policies govern the handling, use, and disclosure of client information
• Regular Risk Assessments: Periodic security assessments to identify and address vulnerabilities

Data Breach Procedures

In the event of a data breach that affects your personal or health information:

1. We will conduct an immediate investigation to determine the scope and impact
2. We will take steps to contain and mitigate the breach
3. We will notify affected clients within 60 days as required by HIPAA, or sooner if required by state law
4. We will notify the U.S. Department of Health and Human Services and, if necessary, local media
5. We will provide information about steps you can take to protect yourself
6. We will implement corrective measures to prevent future breaches

6. Your Privacy Rights

You have important rights regarding your personal and health information:

Right to Access

You have the right to inspect and obtain a copy of your health records. To request access:

• Submit a written request to jburanen@clearmindmhservices.com or call 301-892-6585
• We will respond within 30 days
• We may charge a reasonable, cost-based fee for copying and mailing records

Right to Amend

You may request corrections to your health records if you believe information is incorrect or incomplete:

• Submit a written request explaining what should be amended and why
• We may deny the request if the information is accurate and complete, but you may submit a statement of disagreement

Right to an Accounting of Disclosures

You may request a list of certain disclosures of your health information:

• This includes disclosures for purposes other than treatment, payment, or healthcare operations
• The accounting covers disclosures made in the previous six years

Right to Request Restrictions

You may request restrictions on how we use or disclose your health information:

• We are not required to agree to your request unless it involves disclosure to a health plan for payment purposes and you have paid for the service out of pocket in full
• If we agree, we will comply with your request unless the information is needed for emergency treatment

Right to Request Confidential Communications

You may request that we communicate with you in a specific way or at a specific location:

• For example, you may request that we only contact you via email or at a specific phone number
• We will accommodate reasonable requests

Right to a Paper Copy of This Notice

You have the right to receive a paper copy of this Privacy Policy at any time:

• Request by email at jburanen@clearmindmhservices.com
• Request by phone at 301-892-6585
• Download from our website at www.clearmindmhservices.com

Right to Revoke Authorization

If you have provided written authorization for specific uses or disclosures of your information, you may revoke that authorization at any time:

• Submit a written revocation request
• Revocation does not affect disclosures already made based on your previous authorization

Right to File a Complaint

If you believe your privacy rights have been violated:

• Contact our Privacy Officer: Jessica Buranen, LCSW-C, at jburanen@clearmindmhservices.com or 301-892-6585
• File a complaint with the U.S. Department of Health and Human Services Office for Civil Rights:
• Online: https://www.hhs.gov/ocr/privacy/hipaa/complaints/
• By phone: 1-877-696-6775
• By mail: Office for Civil Rights, U.S. Department of Health and Human Services, 200 Independence Avenue, S.W., Washington, D.C. 20201

You will not be retaliated against for filing a complaint.

Limitations on Rights

In certain circumstances, we may be unable to fulfill your requests if:

• Disclosure would endanger you or another person
• The information references another person (other than a healthcare provider)
• The request is for psychotherapy notes
• Legal or regulatory requirements prevent disclosure

7. Notice of Privacy Practices (HIPAA)

This section provides additional information about how we use and disclose your Protected Health Information (PHI) in accordance with HIPAA.

Uses and Disclosures for Treatment, Payment, and Healthcare Operations

Treatment: We may use and disclose your PHI to provide, coordinate, or manage your mental health treatment. This includes:

• Conducting therapy sessions
• Consulting with other healthcare providers involved in your care (with your authorization)
• Coordinating with specialists or other mental health professionals

Payment: We may use and disclose your PHI to bill and collect payment for services. This includes:

• Submitting claims to your insurance company
• Verifying insurance coverage
• Processing payments
• Collection activities if necessary

Healthcare Operations: We may use and disclose your PHI for practice operations, including:

• Quality assessment and improvement activities
• Staff training and professional development
• Business planning and management
• Compliance activities

Uses and Disclosures That Require Your Authorization

For uses and disclosures beyond treatment, payment, and healthcare operations, we will obtain your written authorization, including:

• Most uses and disclosures of psychotherapy notes
• Uses and disclosures for marketing purposes
• Disclosures that constitute a sale of PHI
• Other uses and disclosures not described in this policy

You may revoke your authorization at any time by submitting a written request.

Uses and Disclosures That May Be Made Without Your Authorization

In limited circumstances, we may use or disclose your PHI without your authorization:

Required by Law: When disclosure is required by federal, state, or local law.

Public Health Activities: To prevent or control disease, injury, or disability; to report births and deaths; to report child abuse or neglect; to report adverse events related to medical products; and to notify persons of recalls of products.

Health Oversight Activities: To authorized health oversight agencies for audits, investigations, inspections, or licensing purposes.

Judicial and Administrative Proceedings: In response to a court order, subpoena, or other lawful process.

Law Enforcement: For law enforcement purposes, including reporting crimes, locating suspects or witnesses, or complying with court orders.

Serious Threats to Health or Safety: To prevent or lessen a serious threat to your health and safety or the health and safety of another person or the public.

Mandatory Reporting: As required by Maryland and Delaware law, including:

• Suspected child abuse or neglect
• Suspected abuse or neglect of vulnerable adults
• Imminent danger of serious harm to self or others

Workers' Compensation: If you are involved in a workers' compensation claim.

Coroners, Medical Examiners, and Funeral Directors: To identify a deceased person or determine cause of death.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyze website usage.

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us remember your preferences and understand how you interact with our site.

Types of Cookies We Use

Essential Cookies: Necessary for the website to function properly, including security features and basic functionality.

Analytics Cookies: Help us understand how visitors use our website, including which pages are visited most often and how users navigate the site. This information is used to improve website performance and user experience.

Preference Cookies: Remember your settings and preferences to provide a more personalized experience.

Third-Party Cookies

We may use third-party services that place cookies on your device:

• Google Analytics: To analyze website traffic and usage patterns (anonymized data)
• UserWay Accessibility Widget: To provide accessibility features and improve website accessibility

Your Cookie Choices

You can control cookies through your browser settings:

• Block All Cookies: Set your browser to refuse all cookies
• Delete Cookies: Clear cookies stored on your device
• Selective Blocking: Choose which cookies to accept

Note: Blocking cookies may affect website functionality and your user experience.

Do Not Track Signals

Some browsers offer "Do Not Track" (DNT) signals. Currently, there is no industry standard for responding to DNT signals, and our website does not respond to DNT requests. However, you can control cookies through your browser settings.

Opt-Out Options

To opt out of Google Analytics tracking, you can:

• Install the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

9. UserWay Accessibility Widget

Our website uses the UserWay Accessibility Widget to improve website accessibility for individuals with disabilities.

What UserWay Does

UserWay provides an accessibility toolbar that allows visitors to:

• Adjust text size and spacing
• Change color contrast and display settings
• Enable screen reader compatibility
• Access keyboard navigation features
• Utilize other accessibility tools

Information Collected by UserWay

UserWay may collect limited technical information to provide accessibility features, including:

• Browser and device information
• Website usage data related to accessibility features
• Anonymized analytics to improve accessibility services

UserWay Privacy

UserWay's collection and use of information is governed by their own privacy policy, which can be found at: https://userway.org/privacy

UserWay does not have access to your personal or health information and operates independently as a third-party service provider.

Disabling UserWay

You can close or disable the UserWay widget at any time by clicking the close button within the accessibility toolbar.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). However, as a healthcare provider subject to HIPAA, much of your health information is exempt from CCPA requirements.

For non-health information collected through our website, California residents have the right to:

• Request information about data collection and use
• Request deletion of personal information
• Opt-out of the sale of personal information (Note: We do not sell personal information)

To exercise these rights, contact us at jburanen@clearmindmhservices.com or 301-892-6585.

11. Children's Privacy

Our services are intended for adults (18 years and older). We do not knowingly collect personal information from children under 13 through our website without parental consent.

If we provide services to minors:

• We obtain appropriate parental or guardian consent
• We follow applicable state laws regarding consent and confidentiality for minors
• Parents/guardians have the right to access their child's health information, subject to certain limitations under state law

If you believe we have inadvertently collected information from a child under 13 without proper consent, please contact us immediately at jburanen@clearmindmhservices.com.

12. Maryland and Delaware Specific Requirements

As a therapy practice licensed in Maryland and Delaware, we comply with all applicable state privacy laws:

Maryland

• Maryland Confidentiality of Medical Records Act
• Maryland Licensed Clinical Social Worker Practice Act requirements
• Maryland mandatory reporting requirements

Delaware

• Delaware Health Care Facility Patient Bill of Rights
• Delaware Licensed Clinical Social Worker requirements
• Delaware mandatory reporting requirements

These state laws provide additional protections for your health information and may grant you additional rights beyond federal HIPAA requirements.

13. Telehealth Privacy

Because we provide services exclusively through secure virtual platforms:

Platform Security

• All virtual sessions are conducted through HIPAA-compliant, encrypted telehealth platforms
• We do not record sessions unless you provide explicit written consent
• You are responsible for ensuring your physical location during sessions is private

Your Responsibilities

To protect your privacy during telehealth sessions:

• Use a private, secure internet connection (avoid public Wi-Fi)
• Ensure you are in a private location where you cannot be overheard
• Use headphones when possible
• Do not allow others to view or listen to your session without prior agreement

Technical Limitations

While we use secure platforms, no electronic communication is completely secure. There is always a risk of interception or technical failure. By using telehealth services, you acknowledge and accept these risks.

14. International Data Transfers

Our services are provided within the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where privacy laws may differ from those in your country.

15. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

How We Notify You of Changes

• Website Posting: Updated policies will be posted on our website with a new "Last Updated" date
• Material Changes: For significant changes that affect how we use or disclose your PHI, we will:
• Provide notice through email or mail to active clients
• Post a prominent notice on our website
• Make the updated policy available at our office (if applicable)

Your Continued Use

Your continued use of our services or website after changes are posted constitutes your acceptance of the updated Privacy Policy.

Effective Date

The current version of this policy is effective as of the date listed at the top of this document. The updated policy applies to all information we maintain, including information collected before the effective date.

16. Contact Information for Privacy Concerns

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Privacy Officer: Jessica Buranen, LCSW-C

Email: jburanen@clearmindmhservices.com

Phone: 301-892-6585

Mailing Address:
Clearmind Mental Health Therapy Services LLC
163 Riverside Drive
Elkton, MD 21921

Response Time: We will respond to your inquiry within 10 business days.

17. Additional Resources

For more information about your privacy rights and healthcare privacy:

U.S. Department of Health and Human Services
Office for Civil Rights
Website: https://www.hhs.gov/ocr/privacy/
Phone: 1-877-696-6775

Maryland Board of Social Work Examiners
Website: https://health.maryland.gov/bswe
Phone: 410-764-4755

Delaware Board of Clinical Social Work Examiners
Website: https://dpr.delaware.gov/boards/socialworkers/
Phone: 302-744-4534

18. Good Faith Estimate Notice

You have the right to receive a "Good Faith Estimate" explaining how much your medical care will cost. Under the law, health care providers need to give patients who don't have insurance or who are not using insurance an estimate of the bill for medical items and services.

• You have the right to receive a Good Faith Estimate for the total expected cost of any non-emergency items or services (including psychotherapy services)
• You can ask your health care provider for a Good Faith Estimate before you schedule an item or service
• If you receive a bill that is at least $400 more than your Good Faith Estimate, you can dispute the bill
• For questions or more information about your right to a Good Faith Estimate, visit www.cms.gov/nosurprises or call 800-985-3059

Acknowledgment of Receipt

By using our services or website, you acknowledge that you have received, read, and understood this Privacy Policy. If you have questions or do not agree with any part of this policy, please contact us before using our services.

Clearmind Mental Health Therapy Services LLC
Jessica Buranen, LCSW-C
163 Riverside Drive, Elkton, MD 21921
Phone: 301-892-6585
Email: jburanen@clearmindmhservices.com
Website: www.clearmindmhservices.com

This Privacy Policy complies with the Health Insurance Portability and Accountability Act (HIPAA), Maryland state laws, Delaware state laws, and applicable federal regulations. This document serves as our HIPAA Notice of Privacy Practices.