Privacy Policy | Divine Soul Mental Health Services Las Vegas, NV

1. Introduction

Divine Soul Mental Health Services, PLLC ("Divine Soul," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website at divinesoulmentalhealth.com (the "Site") or interact with our practice.

We operate in full compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, applicable Nevada state privacy laws, and other federal and state regulations governing the privacy and security of health information.

By using our Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please discontinue use of this Site. This policy applies to information collected through this website only — it does not govern information collected through our clinical practice or patient portal, which is separately governed by our Notice of Privacy Practices (NPP) provided to patients at the time of care.

2. Information We Collect

We may collect the following categories of information:

Contact and Inquiry Information

When you fill out a contact or appointment request form on our Site, we collect information you voluntarily provide, which may include:

Your first and last name
Your phone number and email address
Your preferred contact method and best time to reach you
A brief description of what brings you to our practice (if you choose to share)

We do not collect insurance member ID numbers, plan numbers, Social Security numbers, or other sensitive identifiers through our website contact forms.

Health Information

Any health-related information you choose to share through our website forms (such as a brief description of your symptoms or concerns) is treated with the highest level of confidentiality. Once you become a patient, your protected health information (PHI) is governed by HIPAA and our Notice of Privacy Practices, not this web privacy policy.

Device and Usage Information

When you visit our Site, we may automatically collect certain technical information including:

Your IP address (anonymized where possible)
Browser type and version
Device type and operating system
Pages visited and time spent on those pages
Referring URL (the page that directed you to our Site)
General geographic location (city/region level only)

This information is collected in aggregate and is not linked to personally identifiable information unless necessary for security purposes.

3. How We Use Your Information

We use the information we collect for the following purposes:

Scheduling and care coordination: To respond to appointment requests, schedule consultations, and coordinate your intake process.
Insurance verification: To verify your insurance benefits on your behalf prior to your first appointment, using only the information necessary and appropriate for that purpose.
Communication: To respond to your inquiries, follow up on appointment requests, and provide you with information about our services that you have requested.
Billing and administrative purposes: To process and coordinate insurance billing and other administrative functions related to your care.
Improving our services: To analyze how our website is used in aggregate so we can improve its content, accessibility, and user experience.
Legal and compliance obligations: To comply with applicable laws, regulations, legal processes, and governmental requests.
Safety: To protect the rights, safety, and security of our patients, staff, and the public.

We do not sell, rent, or trade your personal information to third parties for marketing or commercial purposes. We do not use your health information for advertising targeting.

4. HIPAA Notice

HIPAA

Divine Soul Mental Health Services, PLLC is a HIPAA-covered entity. As such, we are bound by federal law to protect the privacy of your Protected Health Information (PHI). PHI includes any individually identifiable health information, including information about your physical or mental health condition, the care you receive, and payment for that care.

How We Use and Disclose PHI

We may use and disclose your PHI for treatment, payment, and healthcare operations (TPO) purposes without your specific authorization, as permitted by HIPAA. All other uses and disclosures of your PHI require your written authorization, except in limited circumstances required by law (such as mandatory reporting requirements or public health activities).

Your Patient Rights Under HIPAA

As a patient of Divine Soul Mental Health Services, you have the following rights with respect to your PHI:

Right to Access: You have the right to inspect and obtain a copy of your PHI maintained in our records.
Right to Amend: You have the right to request amendments to your PHI if you believe it is inaccurate or incomplete.
Right to an Accounting of Disclosures: You have the right to receive a list of disclosures we have made of your PHI, other than for TPO purposes.
Right to Request Restrictions: You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or healthcare operations.
Right to Confidential Communications: You have the right to request that we communicate with you in a certain way or at a certain location.
Right to a Paper Copy of Our Notice: You have the right to receive a paper copy of our full Notice of Privacy Practices at any time upon request.

To exercise any of these rights, please contact us using the information in Section 9 of this policy.

5. How We Protect Your Information

We implement a comprehensive set of administrative, technical, and physical safeguards designed to protect your information from unauthorized access, use, disclosure, alteration, or destruction, including:

Encryption: All data transmitted between your browser and our website is encrypted using industry-standard TLS (Transport Layer Security) protocols. Forms that collect personal information are transmitted over secure, encrypted connections.
Secure systems: Our electronic health records and practice management systems use HIPAA-compliant platforms with access controls, audit logs, and security monitoring.
Access controls: Access to personal and health information is restricted to authorized staff members on a need-to-know basis, consistent with their job responsibilities.
Staff training: All staff members receive regular training on HIPAA compliance, privacy practices, and data security protocols.
Breach response: We maintain a documented breach notification policy and will notify affected individuals and relevant authorities in the event of a breach of unsecured PHI as required by HIPAA.

While we take the protection of your information seriously and implement reasonable security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of information transmitted via the internet.

6. Cookies and Analytics

Our website may use cookies and similar tracking technologies to improve functionality and user experience. Cookies are small text files stored on your device when you visit a website.

Types of cookies we may use:

Essential cookies: Required for basic website functionality. These cannot be disabled without affecting how the site operates.
Analytics cookies: Used to understand how visitors interact with our Site in aggregate — such as which pages are most visited or how users navigate. This data is anonymized and not linked to personal identity.

We do not use advertising cookies, retargeting cookies, or any tracking technology designed to build profiles of individual users for marketing purposes.

You can control cookies through your browser settings. Disabling cookies may affect certain features of the Site. Most browsers allow you to refuse cookies or delete them from your device.

Analytics

We may use privacy-respecting analytics tools to understand aggregate website usage. Any analytics data collected does not include personally identifiable information and is not shared with third parties for commercial purposes.

7. Third-Party Services

We may share your information with carefully selected third-party service providers who assist us in operating our website and delivering clinical services. These providers are permitted to use your information only to perform services on our behalf and are prohibited from using it for any other purpose.

Where required by HIPAA, we enter into Business Associate Agreements (BAAs) with all third-party vendors who may have access to Protected Health Information. This ensures that these vendors are legally bound to protect your PHI under the same standards that apply to us.

Categories of service providers may include:

Electronic health records (EHR) and practice management platforms
HIPAA-compliant telehealth video platforms
Medical billing and insurance coordination services
Secure patient communication platforms
Website hosting and security services

We do not sell, rent, or disclose your personal or health information to marketers, data brokers, or any third party for commercial purposes.

8. Your Rights

Depending on applicable law and the nature of the information, you may have the following rights regarding your personal information collected through this website:

Right to Access: You may request a copy of the personal information we hold about you that was collected through our website.
Right to Correction: You may request that we correct inaccurate information about you.
Right to Deletion: You may request deletion of personal information we collected through this website, subject to applicable legal and record-retention requirements. Note that this right does not apply to PHI maintained in your medical record, which is governed by HIPAA and applicable state law.
Right to Restrict Processing: You may request that we limit certain uses of your personal information.
Right to Portability: Where technically feasible and legally applicable, you may request that we provide your data in a portable, machine-readable format.
Right to Opt Out: You may opt out of any non-essential communications from us at any time by contacting us directly.

To exercise any of these rights, please contact us using the information provided in Section 9 below. We will respond to all valid requests within the timeframe required by applicable law.

9. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Divine Soul Mental Health Services, PLLC
Attn: Privacy Officer
9550 S Eastern Ave, Suite 220
Las Vegas, NV 89123

Email: info@divinesoulmentalhealth.com
Phone: (702) 843-5015
Fax: (702) 843-6045

If you believe your privacy rights have been violated, you also have the right to file a complaint with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights at www.hhs.gov/ocr. We will not retaliate against you for filing a complaint.

We reserve the right to update this Privacy Policy from time to time. Any changes will be reflected by an updated "Last updated" date at the top of this page. We encourage you to review this policy periodically.