You are here: Home -> Your Privacy in My Practice and on this Website
The general rule is that what gets discussed in a therapy session remains confidential unless you give me specific written permission to release information. You will need to complete and both of us will need to sign a "Release of Information" form in order for me to release information about you. There are some exceptions:
I use one of several HIPAA-compliant video conferencing services. Sessions are encrypted end-to-end. This makes our conversations unintelligible to others as they travel between my computer and your computer/cellphone.
Phone calls are not encrypted while in progress, but any voicemail you leave me is stored on an encrypted server.
I use a HIPAA-compliant encrypted email service called Protonmail.com. They offer a basic FREE subscription that I ask you to use. If both of us use Protonmail any messages and files we exchange (which is called "Protected Health Information" or PHI) are encrypted "end-to-end" from your computer/cell phone to mine. This is one way for us to exchange PHI without anyone else getting a hold of it. In addition to webmail, they also have an app for Android and iOS.
I do not use SMS and MMS texts due to their lack of encryption. If you would like to use texting as a way to communicate with me we can discuss using an encrypted text-messaging service called Threema.
I am not on Facebook, Twitter, etc.
I am required to maintain a record of our sessions in what is called a chart. Some of that is in paper format. Most of it is in my business computer. It is encrypted via "whole disk encryption", "home directory encryption" and your chart is also encrypted with a unique password. Triple encryption, if you will. I also use a HIPAA-compliant Electronic Health Record provider called TherapyNotes.
I maintain certain documents you give me in paper form. These are locked in a filing cabinet with two locks in a locked room. I scan any paper documents I have from you and store them on encrypted computers. I use a HIPAA-compliant offsite back-up company called Spideroak.com.
I try to make your visit here a private one. No tracking cookies are used on this website. No programming from my website is running around in your computer. I also use an "HTTPS" web address, so that no one can see what you are doing here (although your Internet Service Provider (ISP) will know you have come to my website address if you are not using a Virtual Private Network).
The internet protocol address (IP address) you have come from is recorded, but I doubt I look at the data even once a year.
If you have any questions, I would be happy to speak with you. 888-933-3539