Accepting New Clients! Book a Free 15-Min Phone Consult Today!

Salam Therapy LLC – Privacy Policy
(Doing Business as Salam Therapy)

Last Updated: 1/19/2026

Salam Therapy is a private, multicultural therapy practice whose mission is to provide ethical, moral, affordable, and accessible mental‑health care. Our care and purpose reflect the way we treat every client’s personal information with the same care we bring to our therapeutic work. This privacy policy explains what information we collect, why we collect it, how we protect it, when we share it, and what rights you have over your data. It applies to all interactions with salamtherapy.com, our mobile‑friendly client portal (through Simple Practice), email, phone, video‑conference platforms, and in‑person sessions.

Information We Collect

We gather three broad categories of data:

  1. Personal Identification & Demographics – name, date of birth, gender, preferred pronouns, ethnicity, language preference, photo (if you choose to upload), and other identifiers such as a username or online ID.
  2. Contact & Communication Details – email address, mailing address, phone number, and any messages you send to us through our secure portal, email, or phone.
  3. Health‑Related Information (Protected Health Information – PHI) – mental‑health history, diagnoses, treatment notes, medication details, therapist observations, and any other clinical data you share during intake or therapy sessions.
  4. Payment & Billing Information – credit‑card numbers, insurance information, billing address, and invoices. This data is transmitted only through encrypted, HIPAA‑compliant payment processors.
  5. Technical & Usage Data – IP address, browser type, device information, cookies, and analytics data collected automatically when you browse our website or use the client portal.

All health‑related data is treated as PHI and is subject to the Health Insurance Portability and Accountability Act (HIPAA).

Why We Use Your Information

  • Deliver & Manage Therapy Services – scheduling, conducting, documenting, and billing for individual or group sessions.
  • Clinical Care & Safety – sharing relevant PHI with your therapist, clinical supervisors, or emergency contacts when necessary to protect you or others from imminent harm.
  • Payment Processing & Insurance Claims – to charge fees, issue receipts, and submit claims to insurers.
  • Client Communication – appointment reminders, treatment updates, secure messaging, and, if you opt‑in, newsletters or educational resources that align with our commitment to accessibility.
  • Legal & Regulatory Compliance – meeting HIPAA, state licensing board requirements, mandatory reporting statutes, and other legal obligations.
  • Practice Improvement & Research – analyzing aggregated, de‑identified data to refine our multicultural therapeutic approaches, evaluate outcomes, and contribute to mental‑health research.
  • Security & Fraud Prevention – detecting unauthorized access, protecting against scams, and ensuring the integrity of our systems.

How We Protect Your Information

  • Encryption – All data transmitted between you and our systems uses TLS 1.2 or higher; stored PHI is encrypted at rest.
  • Secure Hosting – Our servers are hosted with HIPAA‑certified cloud providers that undergo regular third‑party security audits.
  • Access Controls – Only authorized staff (therapists, billing personnel, practice manager) can view PHI, each protected by unique passwords and two‑factor authentication.
  • Physical Safeguards – Paper records are kept in locked cabinets within a restricted office area.
  • Staff Training – Every employee completes ongoing training in HIPAA, cultural competency, and data‑privacy best practices.
  • Incident‑Response Plan – In the unlikely event of a breach, we will notify affected individuals and the U.S. Department of Health & Human Services within the 60‑day window required by law.

Sharing & Disclosure

We never sell your personal data. We share information only when necessary to provide care or comply with legal obligations:

  • Therapeutic Team – Your therapist and any supervising clinicians who need the information to deliver effective treatment.
  • Payment & Billing Partners – HIPAA‑covered business associate agreements (BAAs) are in place with processors such as Stripe. They receive only the financial details required to complete transactions.
  • Insurance Companies – Minimal data needed for claim submission, consistent with HIPAA.
  • Regulatory Authorities – When required by law (e.g., mandatory reporting of abuse, court orders).
  • Emergency Contacts – Only with your prior consent or when we believe you or someone else faces imminent danger.
  • Professional Service Providers – IT, legal, analytics, or transcription services that receive de‑identified or non‑PHI data under strict confidentiality agreements.

All third‑party partners that handle PHI are bound by BAAs; non‑PHI partners adhere to contractual confidentiality provisions.

Retention of Your Data

  • PHI – Retained for at least seven (7) years after the last date of service, or longer if required by state law (e.g., California, New York).
  • Financial Records – Kept for seven (7) years for tax and audit purposes.
  • Non‑PHI Data (website analytics, marketing preferences) – Retained in aggregated form for up to 24 months.

Your Rights & Choices

You have the following rights under HIPAA and applicable state privacy statutes:

  1. Access & Copy – Request a copy of your PHI in a readable format.
  2. Amendment – Ask us to correct inaccurate or incomplete information.
  3. Restriction – Limit certain uses of your data (e.g., marketing communications).
  4. Deletion – Request removal of non‑PHI data; PHI required for treatment or legal compliance may be retained as mandated.
  5. Portability – Receive your PHI in a portable electronic format.
  6. Opt‑Out of Marketing – Unsubscribe from newsletters or promotional emails at any time via the unsubscribe link or through your client‑portal settings.

To exercise any of these rights, please email privacy@salamtherapy.com or call [Insert Phone Number]. We will respond within 30 days.

Cookies & Tracking Technologies

  • Essential Cookies – Enable secure login, session management, and appointment scheduling.
  • Analytics Cookies – We use Google Analytics (or a comparable service) to understand how visitors interact with our site; data is aggregated and IP addresses are anonymized.
  • Marketing Cookies – Set only when you explicitly opt‑in to receive newsletters.

You may manage or block cookies through your browser settings; however, disabling essential cookies may limit your ability to use certain features of our website and client portal.

International Users

If you access our services from outside the United States, your data may be transferred to and processed in the United States, where different privacy protections may apply. We employ appropriate safeguards (standard contractual clauses, BAAs, and encryption) to protect such transfers.

Updates to This Policy

We may revise this privacy policy from time to time. When we do, we will update the “Last Updated” date at the top of the document and post a notice on our website. Continued use of our services after a revision signifies your acceptance of the updated terms.

Contact Information

If you have any questions, concerns, or requests regarding this privacy policy, please contact our Privacy Officer at:

Email:privacy@salamtherapy.com
Phone: 317-721-8188