PRIVACY POLICY

Karen Collins Therapy

karencollinstherapy.com


Effective Date: February 17, 2026

Last Updated: February 17, 2026


Karen Collins Therapy ("we," "us," "our") is committed to protecting the privacy and confidentiality of every client and website visitor. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our website, contact our office, or receive therapy services. We encourage you to read this policy carefully. By using our website or engaging our services, you acknowledge and agree to the practices described here.


This policy is designed to comply with applicable federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), the California Confidentiality of Medical Information Act (CMIA), and other relevant California and federal privacy regulations.



1. PRACTICE INFORMATION AND CONTACT DETAILS


Practice Name: Karen Collins Therapy

Practitioner: Karen Collins, LMFT (License #53852)

Address: 7 Fourth Street, Suite 11, Petaluma, CA 94952

Phone: (415) 368-3478

Email: contact@karencollinstherapy.com

Website: https://karencollinstherapy.com


For all privacy-related questions, concerns, or requests, please contact Karen Collins directly using the contact information above. Karen Collins serves as the designated privacy officer for this practice.



2. INFORMATION WE COLLECT


We collect personal information in several categories depending on how you interact with us.


Information You Provide Directly:

- Full name

- Email address

- Phone number

- Mailing or physical address

- Date of birth

- Emergency contact information

- Health and mental health history, including diagnoses, treatment history, symptoms, and therapeutic goals

- Relationship and family information relevant to therapy

- Insurance information (if applicable)

- Payment and billing information

- Any other information you voluntarily share through our contact form, by phone, by email, or during therapy sessions


Information Collected Automatically Through Our Website:

- IP address

- Browser type and version

- Device type

- Pages visited and time spent on pages

- Referring website or source

- General geographic location (city/region level)

- Cookie and tracking data (see Section 9 for details)


Information From Third-Party Sources:

- If you are referred by another provider, we may receive limited referral information with your consent

- Analytics data from website tools (see Section 9)



3. HOW WE COLLECT INFORMATION


We collect information through the following methods:


- Website contact forms (name, email, phone, and message content submitted through our Contact page)

- Phone calls and text messages

- Email correspondence

- In-person therapy sessions at our Petaluma office

- Intake forms and clinical documentation completed at the start of and during treatment

- Payment processing at time of service

- Cookies and analytics technologies on our website (see Section 9)

- Third-party platforms used to support practice operations (see Section 5)



4. WHY WE COLLECT YOUR INFORMATION AND HOW WE USE IT


We use your personal information for the following purposes:


Providing Therapy Services: To deliver competent, ethical psychotherapy services including individual therapy, couples therapy, anxiety therapy, depression therapy, trauma therapy, and therapy for narcissistic relationship recovery. Your clinical information is used to assess your needs, develop treatment plans, track progress, and provide appropriate care.


Appointment Scheduling and Communication: To schedule, confirm, reschedule, or cancel appointments and to communicate with you about your care.


Billing and Payment Processing: To process payments for therapy services, generate receipts or superbills, and manage accounts.


Legal and Regulatory Compliance: To meet our obligations under HIPAA, California state licensing requirements, CMIA, the CCPA, mandatory reporting laws, and other applicable legal requirements.


Practice Operations: To maintain accurate clinical records, manage our practice, respond to inquiries submitted through our website or by phone/email, and improve the quality of care we provide.


Website Improvement and Analytics: To understand how visitors use our website so we can improve content, functionality, and user experience.


We do not sell your personal information. We do not use your health information for marketing purposes without your explicit written authorization.



5. WHO WE SHARE YOUR INFORMATION WITH


We take your privacy seriously and limit the sharing of your information. We may share your information with the following parties only as necessary and appropriate:


Service Providers and Business Associates: We work with a limited number of third-party service providers who assist with practice operations. These may include electronic medical records (EMR) platforms, payment processors, practice management software, website hosting providers, and IT support providers. These service providers are contractually required to protect your information and, where applicable, have signed Business Associate Agreements (BAAs) in accordance with HIPAA.


Legal Requirements: We may disclose your information when required or permitted by law, including but not limited to mandatory reporting obligations (such as suspected child abuse, elder abuse, or threats of harm to self or others), court orders, subpoenas, or other legal processes.


Healthcare Collaborators: With your written consent, we may share relevant clinical information with other healthcare providers involved in your care (such as psychiatrists, primary care physicians, or other therapists) to coordinate treatment.


Emergency Situations: If there is an immediate threat to your health or safety, or to the health or safety of others, we may disclose necessary information to appropriate parties such as emergency services or family members.


We do not share your information with advertisers, data brokers, or social media companies. We do not sell, rent, or trade your personal information to any third party for any reason.



6. HOW LONG WE RETAIN YOUR INFORMATION


Clinical and Health Records: In accordance with California law and professional ethical standards, we retain clinical records for a minimum of seven (7) years after the last date of service for adult clients. For minor clients, records are retained for a minimum of seven (7) years after the client reaches the age of 18. In some circumstances, records may be retained longer as required by law or professional guidelines.


Billing and Financial Records: Payment and billing records are retained for a minimum of seven (7) years for tax, accounting, and legal compliance purposes.


Website and Analytics Data: Non-identifiable analytics data may be retained indefinitely. Identifiable website inquiry data (such as contact form submissions) is retained only as long as necessary to respond to your inquiry and is then securely deleted.


Record Destruction: When records are no longer required to be retained, they are destroyed securely. Paper records are shredded. Electronic records are permanently deleted using methods designed to prevent recovery.



7. HOW WE PROTECT YOUR INFORMATION


We take the security of your personal information seriously and have implemented multiple safeguards to protect it:


- Encryption of electronic records and communications where technically feasible

- Password-protected electronic systems with secure login credentials

- Physical security measures at our office, including locked file storage for any paper records

- Access controls that limit who can view your information to only those who need it to provide or support your care

- Secure, HIPAA-compliant platforms for electronic record-keeping and communication

- Regular review and updating of security practices

- Secure disposal of records that are no longer needed


While we take every reasonable precaution to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections.



8. DATA BREACH NOTIFICATION


In the event of a breach of unsecured Protected Health Information (PHI), we will follow all applicable federal and state breach notification requirements.


If a breach occurs that affects your information, we will notify you in writing without unreasonable delay and no later than sixty (60) days after discovery of the breach, as required by the HIPAA Breach Notification Rule. The notification will include a description of the breach, the types of information involved, steps you can take to protect yourself, what we are doing to investigate and mitigate the breach, and contact information for you to ask questions or get more information.


If a breach affects 500 or more individuals, we will also notify the U.S. Department of Health and Human Services and, where required, local media outlets, as mandated by federal law.



9. COOKIES, TRACKING, AND ANALYTICS


Our website uses cookies and similar tracking technologies to improve your browsing experience and help us understand how visitors interact with our site.


What Are Cookies: Cookies are small text files placed on your device when you visit a website. They help the website remember your preferences and understand usage patterns.


Types of Cookies We Use:


- Essential Cookies: These are necessary for the website to function properly, such as enabling page navigation and access to secure areas of the site. These cannot be disabled.


- Analytics Cookies: We may use analytics tools (such as Google Analytics or similar services provided by our website platform) to collect anonymized data about how visitors use our website, including pages visited, time on site, and traffic sources. This data helps us improve our website content and user experience. Analytics cookies do not collect personally identifiable information.


- Functionality Cookies: These cookies remember choices you make (such as accessibility preferences set through the UserWay widget) to provide enhanced, personalized features.


We do not use advertising or retargeting cookies. We do not track you across other websites.


Managing Cookies: You can control or delete cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling certain cookies may affect website functionality. You can typically find cookie management options in your browser's "Settings," "Preferences," or "Privacy" menu.


Do Not Track Signals: Our website does not currently respond to "Do Not Track" browser signals. However, you can manage your preferences through your browser's cookie settings as described above.



10. ACCESSIBILITY - USERWAY ACCESSIBILITY WIDGET


We are committed to making our website accessible to all visitors, including individuals with disabilities. To support this commitment, our website uses the Accessibility Widget by UserWay.


The UserWay Accessibility Widget is a tool that allows visitors to customize their browsing experience to meet their individual accessibility needs. The widget appears as a floating icon on our website and provides the following features:


- Screen Reader Support: Provides auditory feedback for on-screen content, reading aloud text, descriptions, and navigational elements for visitors who are visually impaired.

- Contrast Adjustments: Allows users to invert colors, apply dark mode, or increase contrast to improve readability and reduce glare.

- Text Resizing: Enables users to increase text size for better readability, with multiple levels of text enlargement available.

- Text Spacing: Allows users to adjust the spacing between lines of text for improved readability.

- Dyslexia-Friendly Fonts: Offers specialized font options designed to improve readability for users with dyslexia, featuring distinct letter shapes and spacing.

- Keyboard Navigation Enhancements: Improves the website experience for visitors who navigate using a keyboard rather than a mouse.

- Link Highlighting: Visually emphasizes hyperlinks so users can quickly identify clickable elements.

- Big Cursor: Enlarges the cursor for better visibility.

- Reading Mask and Reading Guide: Tools that help users focus on specific sections of text by masking surrounding content or providing a horizontal reading guide.

- Hide Images: Removes visual elements from the page for users who prefer a simplified, text-focused experience.

- Tooltips: Displays alt text descriptions when hovering over images, providing context about image content.

- Dictionary: Offers definitions and additional context for words on the page.


The UserWay Widget does not collect personal information from users interacting with it. Accessibility preferences set through the widget are stored locally on your device and are not transmitted to us or to UserWay.


These features are designed to help our website work toward compliance with Web Content Accessibility Guidelines (WCAG 2.1), the Americans with Disabilities Act (ADA), Section 508 of the Rehabilitation Act, and EN 301 549 standards. If you experience any accessibility barriers on our website, please contact us at contact@karencollinstherapy.com or call (415) 368-3478 so we can assist you.



11. NOTICE OF PRIVACY PRACTICES (HIPAA)


This section serves as our Notice of Privacy Practices as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations. This notice describes how your Protected Health Information (PHI) may be used and disclosed, and how you can access this information.


Protected Health Information (PHI) includes any individually identifiable health information that we create, receive, maintain, or transmit in connection with providing you therapy services.


How We May Use and Disclose Your PHI:


For Treatment: We may use and disclose your PHI to provide, coordinate, or manage your therapy services. For example, we may discuss your treatment with another healthcare provider to whom you have been referred, but only with your written authorization unless otherwise permitted by law.


For Payment: We may use and disclose your PHI to obtain payment for services provided to you. For example, we may provide information to your insurance company (with your authorization) to process claims or provide you with a superbill.


For Healthcare Operations: We may use and disclose your PHI for practice operations such as quality assessment, compliance activities, audits, and business planning.


As Required by Law: We may use or disclose your PHI when required to do so by federal, state, or local law.


Disclosures for Public Health and Safety: We may disclose your PHI in limited circumstances when necessary to prevent a serious threat to your health and safety or the health and safety of others, including mandatory reports of suspected child abuse, elder or dependent adult abuse, or when a client communicates a serious threat of violence against a reasonably identifiable person.


Psychotherapy Notes: We maintain psychotherapy notes separately from your medical record. Under HIPAA, we will not use or disclose your psychotherapy notes without your written authorization, except in limited circumstances as permitted by law (such as to defend against a legal action brought by you, or for certain oversight activities).


All Other Uses and Disclosures Require Your Written Authorization: Any use or disclosure of your PHI that is not described above or otherwise permitted by law will only be made with your written authorization. You may revoke your authorization at any time, in writing, except to the extent that we have already taken action based on your previous authorization.



12. YOUR RIGHTS


You have the following rights regarding your personal and health information:


Right to Access: You have the right to request access to your clinical records and other personal information we maintain about you. Requests should be made in writing. We will respond within thirty (30) days of receiving your request. A reasonable fee may apply for copying records.


Right to Amend: You have the right to request that we amend your health information if you believe it is incorrect or incomplete. Requests must be made in writing with a reason for the amendment. We may deny your request in certain circumstances, such as if the information was not created by us, is not part of the records we maintain, or is accurate and complete.


Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures we have made of your PHI. This list will not include disclosures made for treatment, payment, or healthcare operations, or disclosures you authorized in writing.


Right to Request Restrictions: You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or healthcare operations. We are not required to agree to your request, but if we do agree, we will honor the restriction except in emergency situations.


Right to Request Confidential Communications: You have the right to request that we communicate with you about your health information in a specific way or at a specific location. For example, you may request that we only contact you by email or at a particular phone number.


Right to a Copy of This Policy: You have the right to obtain a paper copy of this Privacy Policy at any time by contacting us.


Right to Receive Breach Notification: You have the right to be notified in the event of a breach of your unsecured PHI, as described in Section 8 of this policy.


California Consumer Privacy Act (CCPA) Rights: If you are a California resident, you have additional rights under the CCPA, including the right to know what personal information we collect and how it is used, the right to request deletion of your personal information (subject to legal exceptions, including our obligation to retain clinical records), and the right not to be discriminated against for exercising your privacy rights. Please note that the CCPA provides exemptions for certain health information governed by HIPAA and CMIA.


To exercise any of these rights, please contact us in writing at contact@karencollinstherapy.com or by mail at 7 Fourth Street, Suite 11, Petaluma, CA 94952. We will respond to your request within the timeframe required by applicable law.



13. LIMITATIONS ON CONFIDENTIALITY


While we are committed to maintaining the confidentiality of your information, there are legal and ethical exceptions to confidentiality that you should be aware of. As a licensed therapist in California, Karen Collins is required by law to break confidentiality in the following circumstances:


- If there is reasonable suspicion of child abuse or neglect

- If there is reasonable suspicion of abuse or neglect of an elder or dependent adult

- If a client communicates a serious threat of physical violence against a reasonably identifiable victim

- If a client presents a danger to themselves (imminent risk of self-harm)

- If disclosure is ordered by a court of law

- In certain other limited circumstances as required by California and federal law


These legal and ethical obligations apply regardless of this Privacy Policy.



14. MINORS


We do not knowingly collect personal information from individuals under the age of 13 through our website. Our therapy services for minors are provided with the involvement and consent of a parent or legal guardian, as required by California law. If you believe that a child under 13 has submitted personal information through our website without parental consent, please contact us immediately so we can take appropriate steps to remove the information.



15. THIRD-PARTY LINKS


Our website may contain links to other websites or resources that are not operated by Karen Collins Therapy. We are not responsible for the privacy practices or content of those third-party websites. We encourage you to review the privacy policies of any website you visit through links on our site.



16. SOCIAL MEDIA


Karen Collins Therapy may maintain a presence on social media platforms. Please be aware that any information you share on social media platforms is governed by the privacy policies of those platforms, not by this Privacy Policy. We encourage you not to share personal health information or confidential details through social media channels. If you interact with us on social media, we will not disclose or confirm any therapeutic relationship.



17. TELEHEALTH DISCLAIMER


At this time, Karen Collins Therapy offers in-person sessions only at our Petaluma office. If telehealth or video-based services are offered in the future, this policy will be updated to address the additional privacy considerations associated with those services, including the platforms used and security measures in place.



18. UPDATES TO THIS PRIVACY POLICY


We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will update the "Last Updated" date at the top of this policy.


For material changes that significantly affect how we handle your personal or health information, we will make reasonable efforts to notify you. This may include posting a prominent notice on our website, sending an email notification, or informing you directly during a session.


We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any updates to this policy constitutes your acknowledgment of the changes.



19. HOW TO CONTACT US


If you have any questions, concerns, or requests regarding this Privacy Policy, your personal information, or your rights, please contact us:


Karen Collins, LMFT

Privacy Officer

Karen Collins Therapy

7 Fourth Street, Suite 11, Petaluma, CA 94952

Phone: (415) 368-3478

Email: contact@karencollinstherapy.com


If you believe your privacy rights have been violated, you also have the right to file a complaint with:


U.S. Department of Health and Human Services

Office for Civil Rights

Website: https://www.hhs.gov/ocr

Phone: 1-800-368-1019


Filing a complaint will not affect your treatment or relationship with Karen Collins Therapy. We will not retaliate against you for filing a complaint.



20. CONSENT


By using our website, submitting information through our contact form, or engaging our therapy services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein. For the use or disclosure of your Protected Health Information beyond what is described in this policy, we will obtain your written authorization.


This Privacy Policy is intended for informational purposes and does not constitute legal advice. If you have specific legal questions about your privacy rights, we recommend consulting with an attorney who specializes in healthcare or privacy law.



Copyright 2026 Karen Collins Therapy. All rights reserved.