Privacy & Confidentiality Policy

Welcome to Counseling by Camryn, PLLC. We are committed to protecting the privacy and confidentiality of your personal and health information. This Privacy Policy describes how we collect, use, store, share, and protect information obtained through our website and in the course of providing mental health services.

By visiting our website or using our services, you acknowledge that you have read and understood this Privacy Policy.

Counseling by Camryn, PLLC is a licensed mental health private practice providing individual therapy services, including EMDR (Eye Movement Desensitization and Reprocessing) and Cognitive Behavioral Therapy (CBT).

Address: 210 25th Avenue North, Suite 1220, Nashville, TN 37203

Your PHI includes any information that can be used to identify you and relates to your past, present, or future physical or mental health, the provision of care to you, or payment for that care.

To exercise any of these rights, please contact us in writing at counselingbycamryn@gmail.com.

• Full name, date of birth, and contact information
• Insurance information and payment details
• Emergency contact information
• Health history, mental health history, and reasons for seeking therapy
• Session notes and clinical documentation
• Communications with us (email, phone, contact form submissions)

When you visit counselingbycamryn.com, our website platform (Squarespace) may automatically collect:

• IP address and general geographic location
• Browser type and device information
• Pages visited and time spent on the site
• Referring website or search terms

This data is collected for analytics only and is not linked to your personal identity or health records.

We use your information solely for the purposes of:

• Providing mental health services and clinical care
• Scheduling appointments and managing your client record
• Processing payments and coordinating with insurance providers (if applicable)
• Communicating with you about your care
• Meeting our legal and professional obligations as a licensed therapist
• Improving the accessibility and functionality of our website

We do not share your information except in the following limited circumstances:

We will share your information with other providers or individuals only when you have given us written authorization.

• When there is a serious and imminent risk of harm to you or another person
• When child abuse, elder abuse, or dependent adult abuse is suspected or known
• When ordered by a court of law via subpoena or court order
• When required by a licensing board investigation

We may share limited information with Business Associates who help us operate our practice. These include:

• SimplePractice — our HIPAA-compliant EHR and telehealth platform
• Our payment processor

All Business Associates are contractually obligated to protect your information in accordance with HIPAA.

Telehealth services are currently available to clients physically located in Tennessee and California. It is your responsibility to confirm you are physically located in one of these states at the time of each session.

• Use a private location where you cannot be overheard
• Use a secure, private internet connection (avoid public Wi-Fi)
• Ensure no unauthorized individuals are present during the session

In the event of technical difficulties during a telehealth session, we will contact you at the phone number on file to continue by phone or reschedule at your convenience.

• All electronic health records are stored in SimplePractice, a HIPAA-compliant EHR with encrypted storage
• Our website uses HTTPS/SSL encryption (look for the padlock in your browser's address bar)
• Paper records, if any, are stored in a locked, secure location
• Access to client records is restricted to authorized personnel only
• We conduct regular reviews of our privacy and security practices

Despite these measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to industry best practices.

Client records are retained in accordance with applicable state law and professional licensing requirements. Adult client records are typically retained for a minimum of 7 years following the last date of service. Records for minor clients are retained until the minor reaches the age of majority plus 7 years.

After the required retention period, records are destroyed in a secure and confidential manner.

Our website is hosted on Squarespace, which may use cookies and analytics tools to track general visitor behavior. Cookies are small text files stored on your device. We use this data in aggregate form only — to understand how visitors use our website. We do not use it to identify individual visitors.

You may disable cookies in your browser settings at any time; however, some website features may not function as intended.

We reserve the right to update this Privacy Policy at any time. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of our website or services after any changes constitutes your acceptance of the updated policy.

For existing clients, material changes to this policy will be communicated directly via the contact information on file.