Privacy Policy

HIPAA & Data Protection

Our Commitment to Your Privacy

Your privacy is fundamental to our work together. I am bound by the Health Insurance Portability and Accountability Act (HIPAA), state privacy laws, and professional ethical standards to protect all information you share with me. This policy explains how your health information is used, protected, and disclosed.

What Information We Collect

During therapy, I collect and maintain the following types of information:

  • Identifying information (name, contact details, date of birth, insurance information)
  • Health history and current health information
  • Mental health information and clinical observations
  • Information about your relationships, family, work, and life circumstances
  • Session notes and treatment plans
  • Billing and payment information
  • Emergency contact information

How We Use Your Information

Your health information is used for:

  • Providing therapy and treatment
  • Treatment planning and follow-up
  • Communication with you about your care
  • Payment and billing purposes
  • Health care operations (scheduling, quality improvement)
  • Compliance with legal requirements

I do not use or disclose your information for marketing purposes, and I will not sell your information to third parties.

Disclosures of Your Information

I limit disclosures of your health information to only what is necessary for treatment, payment, or health care operations. I will not disclose your information without your written authorization, except as required by law. Authorized disclosures include:

  • To family members or caregivers you designate, if clinically appropriate
  • To other health care providers involved in your care (with your consent)
  • To insurance companies for claims processing
  • When required by law (abuse reporting, court orders, public health threats)
  • To my professional liability insurance carriers for claims purposes

Your Privacy Rights

You have the right to:

  • Access your medical records and request a copy
  • Request amendments to your records
  • Receive an accounting of disclosures of your information
  • Request restrictions on how your information is used or disclosed
  • Receive notice of any breach of your unsecured health information
  • Choose how you receive health information (mail, email, etc.)

To exercise these rights, submit a written request to hello@drjenniferwilson.com. I will respond within 30 days.

Website Privacy & Cookies

This website does not collect personal information except as you voluntarily provide it (such as through contact forms). We use minimal analytics to understand how visitors use the site. We do not use tracking cookies or sell data to third parties. Your visit to this website is separate from your therapeutic relationship.

Telehealth Security

If we conduct sessions via telehealth, I use secure, encrypted platforms (such as SimplePractice) that comply with HIPAA requirements. You are responsible for:

  • Using a secure, private location for sessions
  • Using updated software and antivirus protection on your device
  • Protecting your login credentials
  • Not recording sessions without written consent

While I take precautions to protect your information, internet-based communication carries inherent risks. I will discuss these risks with you before beginning telehealth.

Secure Storage of Records

Clinical records are maintained in a secure, locked location or encrypted digital format. Access is limited to me and, if necessary, clinical supervisors or quality assurance staff. Records are kept in compliance with Florida state law, which requires retention for a minimum of 5 years from the date of the last encounter.

Business Associates

I may share your information with business associates who assist with my practice (such as billing services, practice management software, or secure communication platforms). These associates are contractually bound by HIPAA to maintain confidentiality and security of your information.

Third-Party Vendors

I use the following third-party services that may have access to limited information:

  • SimplePractice: Scheduling, telehealth, and billing (HIPAA compliant)
  • Secure email: For communication with clients and providers
  • Professional liability insurance: For claims and risk management

All vendors are contractually required to protect your privacy and comply with HIPAA.

Data Breaches

If there is a breach of unsecured health information, I will notify you without unreasonable delay. Notification will include the date of the breach, what information was involved, what I am doing to investigate, steps you can take to protect yourself, and information about my breach response procedures.

Changes to This Policy

I may update this privacy policy as needed to reflect changes in practice or law. I will notify you of material changes. Your continued use of my services indicates your acceptance of any revised policy.

Your Responsibilities

To help protect your privacy, please:

  • Keep your contact information current
  • Inform me if you believe your privacy has been compromised
  • Use secure passwords if accessing any online platforms
  • Confirm the accuracy of information you provide
  • Contact me immediately if you have privacy concerns

Questions or Complaints

If you have questions about this privacy policy or believe your privacy rights have been violated, contact me directly. You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your HIPAA rights have been violated.

Privacy & Data Protection Contact

hello@drjenniferwilson.com

St. Augustine Beach & Jacksonville, Florida

Schedule a Consultation