PRIVACY POLICY
Angaza Therapy & Consulting Services LLC
Effective Date: February 17, 2026
Last Updated: February 17, 2026
INTRODUCTION
Welcome to the website of Angaza Therapy & Consulting Services LLC ("Angaza Therapy," "we," "us," or "our"). We are committed to protecting the privacy and confidentiality of your personal information and Protected Health Information (PHI). This Privacy Policy explains how we collect, use, store, share, and protect your information when you visit our website, use our services, or communicate with us.
Angaza Therapy is a virtual psychotherapy practice owned and operated by Caroline Petty, LCSW-PMH-C. We provide telehealth therapy services to women throughout the states of Mississippi and Alabama. By using our website or engaging our services, you agree to the practices described in this Privacy Policy.
If you have questions about this policy, please contact us at:
Angaza Therapy & Consulting Services LLC
Caroline Petty, LCSW-PMH-C (Privacy Officer)
Email: info@angazatherapy.com
Phone: (662) 343-3324
Website: https://caroline-petty-angaza-therapy.multiscreensite.com
Location: Virtual therapy throughout Mississippi and Alabama
Business Hours:
Monday, Wednesday, Thursday: 9:00 AM - 4:30 PM
Tuesday: 9:00 AM - 2:30 PM
Friday: 9:00 AM - 1:00 PM
Saturday - Sunday: Closed
1. INFORMATION WE COLLECT
We collect personal information and health-related information necessary to provide you with quality therapy services and to operate our practice. The categories of information we may collect include:
Personal Identifying Information: Your name, email address, phone number, mailing address, date of birth, and emergency contact information.
Health and Clinical Information: Mental health history, diagnoses, treatment plans, therapy session notes, intake assessments, presenting concerns, and other Protected Health Information (PHI) as defined by HIPAA.
Insurance and Billing Information: Insurance provider details, policy numbers, claims information, and payment information including credit card, debit card, and HSA/FSA card details.
Communication Records: Emails, phone call logs, contact form submissions through our website, and messages exchanged during the scheduling or consultation process.
Website Usage Data: Information collected automatically when you visit our website, including IP address, browser type, device information, pages viewed, and time spent on the site. This data is collected through cookies and similar tracking technologies used by our website hosting platform.
Scheduling and Appointment Data: Appointment dates, times, session types, cancellation history, and consultation records.
2. HOW WE COLLECT YOUR INFORMATION
We collect your information through the following methods:
Website Contact Forms: When you fill out the contact form on our website to request information or schedule a consultation, we collect your first name, last name, phone number, email address, and the content of your message.
Telephone and Email Communication: When you call us at (662) 343-3324 or email us at info@angazatherapy.com, we may collect information you provide during those communications.
Telehealth Video Sessions: During virtual therapy sessions conducted through our HIPAA-compliant video platform, clinical information is collected as part of your treatment.
Third-Party Scheduling and Billing Platforms: When you book appointments or process insurance through Headway (care.headway.co), your personal and insurance information is collected and processed through their platform.
Intake and Consent Forms: Before beginning therapy, you will complete intake paperwork that includes personal, medical, and mental health history information.
Payment Processing: When you pay for services using a credit card, debit card, or HSA/FSA card, your payment information is processed through our secure payment system.
Cookies and Website Analytics: Our website, hosted on the DudaOne (Multiscreensite) platform, may use cookies and analytics tools to collect website usage data automatically. See Section 9 (Cookies and Tracking Technologies) for more details.
3. WHY WE COLLECT YOUR INFORMATION
We collect and use your personal information for the following purposes:
Providing Therapy Services: To conduct intake assessments, deliver virtual therapy sessions, create and maintain treatment plans, and track your therapeutic progress.
Appointment Scheduling and Management: To schedule, confirm, reschedule, and manage your therapy sessions, including free 15-minute consultations.
Communication: To respond to your inquiries, send appointment reminders, provide session links, and share relevant practice updates or resources.
Billing and Payment Processing: To process payments for therapy sessions, submit insurance claims through Headway, generate superbills for out-of-network reimbursement, and manage billing records.
Legal and Regulatory Compliance: To comply with applicable federal and state laws, including HIPAA, Mississippi and Alabama mental health regulations, and mandatory reporting requirements.
Good Faith Estimates: To provide you with Good Faith Estimates of expected costs for services as required under the No Surprises Act.
Website Improvement: To understand how visitors use our website and to improve your browsing experience.
Professional Consultation: In limited circumstances, we may consult with other professionals about your care. In such cases, identifying information is kept to a minimum and only shared when necessary.
4. WHO WE SHARE YOUR INFORMATION WITH
We take your privacy seriously and limit the sharing of your information to the following parties and circumstances:
Headway: We use Headway as our billing and insurance credentialing platform. If you use in-network insurance benefits (Aetna, Cigna, Optum, Oscar, Oxford, or UnitedHealthcare), Headway processes your insurance claims and billing on our behalf. Headway maintains its own privacy practices and HIPAA compliance.
Payment Processors: Credit card, debit card, and HSA/FSA transactions are processed through secure, PCI-compliant payment processors. We do not store your full payment card information on our systems.
Telehealth Platform Provider: We use a secure, HIPAA-compliant video conferencing platform to conduct virtual therapy sessions. This provider has signed a Business Associate Agreement (BAA) with us and is required to protect your information.
Website Hosting Provider: Our website is hosted on the DudaOne (Multiscreensite) platform, which may collect limited technical data as described in Section 9.
UserWay (Accessibility Provider): We use the UserWay Accessibility Widget on our website to improve accessibility for all visitors. UserWay does not collect personal information from visitors interacting with the widget. See Section 10 for more details.
Insurance Companies: When you authorize us to bill your insurance, we share necessary clinical and personal information with your insurance provider to process claims.
Legal and Regulatory Authorities: We may disclose your information when required by law, including but not limited to: court orders or subpoenas; mandatory reporting of suspected child abuse, elder abuse, or abuse of a vulnerable adult; situations involving imminent risk of harm to yourself or others; and other disclosures required by Mississippi or Alabama state law.
Professional Consultants: In rare cases, we may consult with other licensed professionals to ensure the best care for you. When this occurs, only the minimum necessary information is shared, and your identity is protected whenever possible.
We do not sell, rent, or trade your personal information or Protected Health Information to third parties for marketing or any other commercial purpose.
5. HOW WE USE YOUR DATA
Your data is used to:
Provide you with high-quality, individualized virtual therapy services across Mississippi and Alabama.
Maintain accurate clinical records to support continuity of care and treatment planning.
Communicate with you regarding your appointments, treatment, billing, and any practice-related updates.
Process insurance claims and payments for services rendered.
Comply with all applicable healthcare laws, licensing requirements, and professional ethical standards.
Operate and improve our website to provide a better user experience.
Generate de-identified or aggregated data for practice analytics and quality improvement purposes. Such data cannot be used to identify you personally.
6. HOW LONG WE RETAIN YOUR DATA
We retain your personal information and clinical records in accordance with federal and state law:
Clinical and Therapy Records: Clinical records are retained for a minimum of seven (7) years from the date of the last service provided, or longer if required by Mississippi or Alabama state law. For minor clients, records are retained for at least seven (7) years after the client reaches the age of 18, or as otherwise required by law.
Billing and Financial Records: Billing records, invoices, superbills, and payment records are retained for a minimum of seven (7) years for tax, audit, and compliance purposes.
Website and Communication Records: Contact form submissions, email correspondence, and phone logs are retained for as long as necessary to provide services and respond to inquiries, and are deleted when no longer needed for business or legal purposes.
Deletion and Destruction: When records are no longer required to be retained, they are securely destroyed. Electronic records are permanently deleted using secure data destruction methods, and any physical records (if applicable) are shredded.
7. HOW WE PROTECT YOUR INFORMATION
We take the security of your personal information and Protected Health Information seriously and employ the following safeguards:
Encryption: Data transmitted to and from our website, telehealth platform, and communication systems is encrypted using industry-standard encryption protocols (such as SSL/TLS).
HIPAA-Compliant Platforms: All platforms used to deliver therapy services, store clinical records, and process billing are HIPAA-compliant and have signed Business Associate Agreements (BAAs) with our practice.
Access Controls: Access to client records and personal information is restricted to authorized personnel only. Caroline Petty, LCSW-PMH-C, is the sole clinician and maintains direct control over all client records.
Secure Storage: Electronic records are stored on secure, password-protected, and encrypted systems. Any physical documents containing personal information are stored in locked, secure locations.
Secure Video Sessions: Virtual therapy sessions are conducted through a HIPAA-compliant video platform that uses end-to-end encryption to protect session content.
Regular Security Practices: We regularly review and update our security practices to address emerging threats and maintain compliance with applicable laws and regulations.
8. DATA BREACH NOTIFICATION
In the unlikely event of a breach of your unsecured Protected Health Information, we will notify you in accordance with HIPAA and applicable state law:
We will notify affected individuals without unreasonable delay and no later than sixty (60) days after discovery of the breach.
Notification will be provided in writing via first-class mail or, if you have agreed to receive electronic communications, by email.
The notification will include a description of the breach, the types of information involved, steps you should take to protect yourself, what we are doing to investigate and mitigate the breach, and contact information for further questions.
If the breach affects 500 or more individuals, we will also notify the U.S. Department of Health and Human Services (HHS) and, where required, prominent media outlets serving the affected area.
If the breach affects fewer than 500 individuals, we will log the breach and report it to HHS as part of our annual breach notification submission.
9. COOKIES AND TRACKING TECHNOLOGIES
Our website may use cookies and similar tracking technologies to enhance your browsing experience and to understand how visitors interact with our site.
What Are Cookies: Cookies are small text files placed on your device when you visit a website. They help the website recognize your device and remember certain information about your visit.
Website Platform Cookies: Our website is hosted on the DudaOne (Multiscreensite) platform, which may use essential cookies necessary for the website to function properly, such as session management, security, and load balancing.
Analytics: Our website may use analytics tools to collect aggregate, non-personally identifiable information about website traffic, including pages visited, time spent on the site, and general geographic location. This data helps us understand how visitors use our site so we can improve it.
No Advertising Cookies: We do not use cookies for advertising purposes, and we do not serve targeted advertisements on our website.
Managing Cookies: You can manage or disable cookies through your web browser settings. Please note that disabling certain cookies may affect the functionality of our website. Most browsers allow you to refuse cookies, delete cookies, or be notified before a cookie is placed.
Do Not Track: Some web browsers have a "Do Not Track" (DNT) feature. We respect your browser's DNT settings where technically feasible.
10. WEBSITE ACCESSIBILITY - USERWAY
We are committed to ensuring that our website is accessible to all visitors, including individuals with disabilities. To support this commitment, we use the Accessibility Widget by UserWay on our website.
What UserWay Provides: The UserWay Accessibility Widget is an add-on tool that allows visitors to customize their browsing experience to meet their individual accessibility needs. Features available through the UserWay widget include, but are not limited to:
- Contrast adjustments (including dark contrast, light contrast, and high contrast modes)
- Text size adjustment and text spacing controls
- Link highlighting for easier navigation
- Cursor size adjustments (large cursor and reading guide)
- Screen reader compatibility enhancements
- Keyboard navigation support
- Pause animations feature
- Font adjustments for improved readability (such as dyslexia-friendly fonts)
- Page structure and heading navigation tools
- Color saturation and monochrome options
- Ability to reset all accessibility settings at any time
- Support for 40+ languages
Privacy and UserWay: UserWay is designed as a Privacy by Design service. UserWay does not collect any personal information from users interacting with the widget on our website. Accessibility preferences you set using the widget are stored locally on your device and are not transmitted to us or to UserWay. For more information, you may review UserWay's privacy policy at https://userway.org/privacy/.
Accessibility Standards: The UserWay widget is designed to help improve compliance with Web Content Accessibility Guidelines (WCAG 2.1), the Americans with Disabilities Act (ADA), Section 508, and other applicable accessibility standards.
Feedback: If you experience any accessibility issues on our website or need assistance, please contact us at info@angazatherapy.com or (662) 343-3324. We welcome your feedback and are committed to improving accessibility for all users.
11. NOTICE OF PRIVACY PRACTICES (HIPAA)
Angaza Therapy & Consulting Services LLC is required to comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, including the HIPAA Privacy Rule and the HIPAA Security Rule.
Your Protected Health Information (PHI): PHI includes any individually identifiable health information related to your past, present, or future physical or mental health condition, the provision of healthcare services to you, or payment for such services.
How We May Use and Disclose Your PHI:
For Treatment: We may use and disclose your PHI to provide, coordinate, and manage your mental health treatment. For example, we use your clinical information during therapy sessions to develop and implement your treatment plan.
For Payment: We may use and disclose your PHI to obtain payment for services. For example, we may share information with your insurance company (through Headway) to process claims or provide you with a superbill for out-of-network reimbursement.
For Healthcare Operations: We may use and disclose your PHI for practice operations such as quality assessment, professional training, and compliance activities.
As Required by Law: We may disclose your PHI when required by federal, state, or local law, including mandatory reporting obligations.
To Avert a Serious Threat: We may use and disclose your PHI when necessary to prevent a serious and imminent threat to your health or safety, or the health or safety of others.
Abuse, Neglect, or Domestic Violence: We may disclose your PHI to appropriate authorities if we believe you are a victim of abuse, neglect, or domestic violence, as required or authorized by law.
Judicial and Administrative Proceedings: We may disclose your PHI in response to a court order, subpoena, or other lawful process.
Your Rights Under HIPAA:
Right to Access: You have the right to request access to your PHI maintained by our practice. We will provide a copy of your records within thirty (30) days of your written request. A reasonable fee may be charged for copying costs.
Right to Amend: You have the right to request that we amend your PHI if you believe it is incorrect or incomplete. We may deny your request under certain circumstances, and if so, we will provide you with a written explanation.
Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures of your PHI that we have made. This does not include disclosures made for treatment, payment, or healthcare operations, or disclosures you authorized.
Right to Request Restrictions: You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or healthcare operations. We are not required to agree to all restriction requests, but we will accommodate reasonable requests when possible.
Right to Request Confidential Communications: You have the right to request that we communicate with you about your health information in a specific way or at a specific location. For example, you may request that we contact you only by email at a particular email address.
Right to a Paper Copy of This Notice: You have the right to receive a paper copy of this Privacy Policy and Notice of Privacy Practices at any time by contacting us.
Right to Be Notified of a Breach: You have the right to be notified if there is a breach of your unsecured PHI, as described in Section 8.
Right to File a Complaint: If you believe your privacy rights have been violated, you may file a complaint with us directly or with the U.S. Department of Health and Human Services Office for Civil Rights. We will not retaliate against you for filing a complaint. You may contact HHS at:
U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: www.hhs.gov/ocr
To exercise any of these rights, please submit a written request to:
Caroline Petty, LCSW-PMH-C
Angaza Therapy & Consulting Services LLC
Email: info@angazatherapy.com
Phone: (662) 343-3324
12. CLIENT RIGHTS AND RESPONSIBILITIES
Your Rights:
You have the right to be informed about how your personal information and PHI are collected, used, stored, and shared.
You have the right to access your records and request copies of your personal information and clinical records.
You have the right to request corrections or amendments to your records if you believe they contain errors.
You have the right to request the deletion of your personal information, subject to legal retention requirements and exceptions. Please note that we may be required by law to retain certain records and cannot always fulfill deletion requests.
You have the right to revoke any previously given authorization for the use or disclosure of your information, except to the extent that we have already acted in reliance on that authorization.
You have the right to receive a Good Faith Estimate of expected charges for services, as required by the No Surprises Act.
You have the right to file a complaint if you believe your privacy rights have been violated.
Your Responsibilities:
You are responsible for providing accurate and complete personal and health information to support your care.
You are responsible for notifying us of any changes to your contact information, insurance coverage, or other relevant details.
You are responsible for reviewing and understanding this Privacy Policy and asking questions if anything is unclear.
You are responsible for informing us if you wish to revoke any authorization you have previously provided.
13. SOCIAL MEDIA POLICY
Angaza Therapy may maintain a presence on social media platforms for educational and informational purposes. Please be aware of the following:
We will never disclose that you are a client, contact you through social media, or acknowledge any relationship with you on any social media platform.
If you choose to interact with our social media content (such as liking, commenting, or sharing), please be aware that your interaction may be visible to others and could potentially reveal that you have an interest in therapy services.
We recommend that you do not send private or confidential information to us through social media platforms, as these platforms are not secure or HIPAA-compliant.
Any information shared on social media platforms is governed by that platform's own privacy policy, which is outside of our control.
For confidential communication, please contact us directly via email at info@angazatherapy.com or by phone at (662) 343-3324.
14. TELEHEALTH AND VIRTUAL SERVICES
All therapy services provided by Angaza Therapy are delivered virtually through a secure, HIPAA-compliant video platform. The following applies to our telehealth services:
You are responsible for ensuring you are in a private and confidential location during your virtual therapy sessions.
You are responsible for having a reliable internet connection and a device with a camera and microphone.
While we use encrypted and secure technology, no method of electronic communication is completely secure. We take all reasonable measures to protect your information, but cannot guarantee absolute security during telehealth sessions.
Our telehealth services are provided only to clients physically located in Mississippi or Alabama at the time of the session, in accordance with state licensing requirements.
Session links are sent securely before each appointment and should not be shared with others.
15. STATE-SPECIFIC DISCLOSURES
Mississippi: Angaza Therapy & Consulting Services LLC operates under the laws of the State of Mississippi. Caroline Petty is a Licensed Clinical Social Worker (LCSW) licensed in the State of Mississippi with a Perinatal Mental Health Certification (PMH-C). All services comply with the Mississippi Board of Examiners for Social Workers and Marriage and Family Therapists rules and regulations, as well as applicable Mississippi state privacy and health information laws.
Alabama: Caroline Petty is also licensed to provide virtual therapy services to clients located in Alabama. All services provided to Alabama clients comply with Alabama Board of Social Work Examiners rules and regulations and applicable Alabama state laws regarding health information privacy.
16. UPDATES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
The "Last Updated" date at the top of this policy will be revised to reflect the date of the most recent changes.
If changes are significant, we will make reasonable efforts to notify you, such as by posting a notice on our website, sending an email to the address we have on file, or informing you directly during a therapy session.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Your continued use of our website or services after any updates to this Privacy Policy constitutes your acceptance of the revised terms.
17. CONTACT INFORMATION
If you have any questions, concerns, or requests regarding this Privacy Policy, your personal information, your Protected Health Information, or your rights under HIPAA, please contact us:
Caroline Petty, LCSW-PMH-C
Privacy Officer
Angaza Therapy & Consulting Services LLC
Email: info@angazatherapy.com
Phone: (662) 343-3324
Website: https://caroline-petty-angaza-therapy.multiscreensite.com
You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your privacy rights have been violated:
U.S. Department of Health and Human Services
Office for Civil Rights
Website: www.hhs.gov/ocr
Phone: 1-877-696-6775
This Privacy Policy was written to comply with the Health Insurance Portability and Accountability Act (HIPAA), applicable Mississippi and Alabama state laws, and best practices for mental health privacy. This policy is not intended as legal advice. If you have specific legal questions about your rights, please consult a qualified attorney.
Copyright 2026 Angaza Therapy & Consulting Services LLC. All rights reserved.