top of page

Privacy Policy

Important Notice

Cheerful Heart MHC PLLC ("Cheerful Heart," "we," "us," or "our") is committed to protecting your privacy and maintaining the confidentiality of your protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws.

Privacy Policy - Introduction

This Privacy Policy describes how Cheerful Heart Mental Health Counseling PLLC collects, uses, maintains, and discloses information collected from users of our website (www.cheerfulheartmhcpllc.com) and clients of our mental health counseling services. This policy applies to the website and all services offered by Cheerful Heart MHC PLLC.

As a mental health counseling practice, we are required by law to maintain the privacy of your protected health information and to provide you with notice of our legal duties and privacy practices with respect to your health information.

Cheerful Heart MHC PLLC provides mental health counseling services including:

  • Individual therapy

  • Specialized therapy for medical trauma, chronic illness, and pain

  • EMDR (Eye Movement Desensitization and Reprocessing) therapy

  • Clinical supervision for mental health counselors

  • Faith-integrated and faith-informed counseling services

 

We serve clients in New York, New Jersey, California, Pennsylvania, and South Carolina through in-person and telehealth services.

Privacy Policy - Information We Collect

When you become a client, we collect and maintain PHI necessary for treatment, payment, and healthcare operations, including:

  • Personal identification information (name, address, phone number, email address, date of birth)

  • Insurance information

  • Medical and mental health history

  • Treatment plans and clinical notes

  • Session records and progress notes

  • Billing and payment information

  • Emergency contact information

When you visit our website, we may collect:

  • Browser type and version

  • Operating system

  • IP address

  • Pages visited and time spent on pages

  • Referring website addresses

  • Date and time of visits

If you contact us through our website, we collect the information you voluntarily provide, such as your name, email address, phone number, and the content of your inquiry.

Messaging Terms & Conditions:
You agree to receive informational messages (appointment reminders, account notifications, etc.) from Cheerful Heart Mental Health Counseling PLLC. Message frequency varies. Message and data rates may apply. For help, reply HELP or email us at hello@cheerfulheartmhcpllc.com. You can optout at any time by replying STOP. 

Mobile SMS Messaging Privacy Policy:
Information collected:
We may collect information, such as name, phone number, and email address.

 

Use of information collected:

We may use the information we collect to perform the services requested including billing, customer service, appointment reminders and other administrative requests.

 

Sharing of information collected: Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. This includes text messaging opt-in data and consent.

 

As a current or prospective customer, you understand that you can text us STOP at any time to opt out of receiving SMS text messages from us. You can text us HELP at any time to receive help.

 

You understand that the messaging frequency may vary. Messaging & data rates may apply.

 

All policies are followed as per CTIA guidelines 5.2.1. At any time if you want your information to be removed, you can contact us via our email address or regular mail.

Privacy Policy - How We Use Your Information

We use your PHI (Personal Health Information) for the following purposes:

Treatment: We use your health information to provide, coordinate, or manage your mental health care and related services. This includes consultation with other healthcare providers involved in your care.

Payment: We use your health information to obtain payment for services provided. This may include submitting claims to your health insurance company, verifying coverage, and obtaining pre-authorization for treatment.

Healthcare Operations: We use your health information for quality assurance, training, licensing, accreditation, and other business operations necessary to run our practice.

Website information is used to:

  • Improve our website functionality and user experience

  • Analyze usage patterns and trends

  • Maintain website security

  • Respond to inquiries and provide information about our services

Privacy Policy - Disclosure of Your Information

Permitted Disclosures Without Authorization

We may disclose your PHI without your written authorization in the following circumstances:

Treatment Coordination: To other healthcare providers involved in your care
Payment Activities: To insurance companies and billing services for payment processing


Healthcare Operations: For quality improvement and practice management
As Required by Law: When required by federal, state, or local law
Public Health Activities: For disease prevention or reporting abuse, neglect, or domestic violence as required by law


Health Oversight Activities: To health oversight agencies for audits, investigations, or licensure


Legal Proceedings: In response to court orders or lawfully issued subpoenas
Law Enforcement: For law enforcement purposes as required by law

 

To Prevent Serious Harm: When necessary to prevent or lessen a serious and imminent threat to health or safety


Coroners and Medical Examiners: For identification purposes or determining cause of death


Workers' Compensation: As authorized by workers' compensation laws

 

Disclosures Requiring Authorization
For uses and disclosures not described above, we will obtain your written authorization. You have the right to revoke such authorization at any time by providing written notice, except to the extent that action has already been taken in reliance on the authorization.

 

Marketing and Sale of Information
We will not use or disclose your health information for marketing purposes or sell your health information without your written authorization.

Privacy Policy - Your Privacy Rights

Under HIPAA and applicable state laws, you have the following rights regarding your PHI:

Right to Access
You have the right to inspect and obtain a copy of your health information maintained in our records. To request access, submit a written request to our Privacy Officer. We will respond within 30 days and may charge a reasonable fee for copying and mailing costs.

Right to Amend
You have the right to request that we amend your health information if you believe it is incorrect or incomplete. We will respond to your request within 60 days. We may deny your request in certain circumstances, and we will provide you with written explanation of any denial.

Right to an Accounting of Disclosures
You have the right to receive an accounting of certain disclosures of your health information made by us during the six years prior to your request. The accounting will not include disclosures for treatment, payment, healthcare operations, or disclosures made to you or authorized by you.

Right to Request Restrictions
You have the right to request restrictions on certain uses and disclosures of your health information. We are not required to agree to your request except in certain circumstances where you have paid out-of-pocket in full and do not want information disclosed to your health plan.

Right to Request Confidential Communications
You have the right to request that we communicate with you about your health information by alternative means or at alternative locations. We will accommodate reasonable requests.

Right to a Paper Copy of This Notice
You have the right to obtain a paper copy of this Privacy Policy at any time upon request.

Right to File a Complaint
If you believe your privacy rights have been violated, you have the right to file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights. You will not be retaliated against for filing a complaint.

Privacy Policy - Telehealth Services

We provide telehealth services through secure, HIPAA-compliant video conferencing platforms. When you participate in telehealth sessions:

  • Your session data is transmitted using encrypted connections

  • We use platforms that are designed to protect your privacy and maintain confidentiality

  • You are responsible for ensuring your physical location during sessions is private

  • Technical issues or interruptions may affect service delivery

  • Standard confidentiality protections and limitations apply to telehealth services
     

Privacy Policy - Security of Your Information

We implement appropriate administrative, physical, and technical safeguards to protect your information:

  • Electronic health records are stored on secure, encrypted servers

  • Access to PHI is limited to authorized personnel only

  • Staff members receive regular training on privacy and security practices

  • Physical files are stored in locked, secure locations

  • We use secure communication methods for transmitting sensitive information

  • Regular security assessments and updates are conducted

Privacy Policy - Website Technologies

Cookies

Our website may use cookies to enhance user experience. Cookies are small files stored on your device that help us understand how you use our website. You can choose to disable cookies through your browser settings, though this may affect website functionality.

Third-Party Services

Our website is hosted on Wix.com and may use third-party services for analytics and functionality. These services may collect information about your website usage. We ensure any third-party service providers handling PHI sign Business Associate Agreements as required by HIPAA.

Privacy Policy - Children's Privacy

Our website is not directed to children under 13, and we do not knowingly collect personal information from children under 13 through our website. When providing mental health services to minors, we comply with applicable state laws regarding parental consent and access to minor's health information.

Privacy Policy - State-Specific Provisions

We comply with privacy laws in all states where we are licensed to practice:

 

  • California: California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to delete personal information

  • New York: We comply with New York Mental Hygiene Law regarding confidentiality of mental health records

  • New Jersey, Pennsylvania, and South Carolina: We comply with all applicable state mental health confidentiality laws and regulations

Privacy Policy - Breach Notification

In the event of a breach of your unsecured PHI, we will notify you in accordance with HIPAA breach notification requirements within 60 days of discovering the breach. We will also notify the Secretary of Health and Human Services and, if applicable, prominent media outlets, as required by law.

Privacy Policy - Record Retention

We retain your health information in accordance with applicable federal and state laws. Generally, clinical records are maintained for a minimum of six years after the last date of service, or longer as required by state law or if you were a minor at the time of treatment.

Privacy Policy - Changes to This Privacy Policy

We reserve the right to revise this Privacy Policy at any time. Any changes will be effective for all PHI we maintain, including information created or received prior to the change. We will post the revised policy on our website and make copies available at our office. The effective date will be noted at the top of the policy.

Privacy Policy - Notice of Privacy Practices

In addition to this Privacy Policy, clients will receive a separate Notice of Privacy Practices (NPP) as required by HIPAA at the time of first service. The NPP provides detailed information about how we use and disclose your protected health information for treatment, payment, and healthcare operations.

Privacy Policy - Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, please contact:

Cheerful Heart MHC PLLC
Website: www.cheerfulheartmhcpllc.com
Email: hello@chearfulheartmhcpllc.com
Phone: 914.552.855

 

To file a complaint with the U.S. Department of Health and Human Services:

 

Office for Civil Rights
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

By using our website or services, you acknowledge that you have read and understand this Privacy Policy. For clinical services, you will be asked to sign an acknowledgment that you have received and reviewed our Notice of Privacy Practices.

Emergency Situations: If you are experiencing a mental health emergency, please call 911, go to your nearest emergency room, or call the National Suicide Prevention Lifeline at 988.

bottom of page