Privacy Policy
Effective Date: July 1, 2025
Last Updated: July 1, 2025
Introduction
COR Counseling, Community Services and Clinical Supervision ("we," "us," or "our") is committed to protecting your privacy and maintaining the confidentiality of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [insert website URL] and use our services.
Information We Collect
Personal Information
We may collect personal information that you voluntarily provide to us, including:
Name, email address, phone number, and mailing address
Date of birth and emergency contact information
Insurance information and payment details
Health information and clinical records (protected under HIPAA)
Communications with our staff and clinicians
Automatically Collected Information
When you visit our website, we may automatically collect:
IP address and browser information
Device type and operating system
Pages visited and time spent on our site
Referral sources and search terms used
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your website experience. You can control cookie preferences through your browser settings.
How We Use Your Information
We use collected information to:
Provide mental health counseling services
Schedule appointments and manage your care
Process payments and insurance claims
Communicate about your treatment and our services
Comply with legal and regulatory requirements
Improve our website and services
Legal Basis for Processing (GDPR)
Under GDPR, we process your personal data based on:
Consent: When you provide explicit consent for specific purposes
Legitimate Interest: To provide healthcare services and improve our practice
Legal Obligation: To comply with healthcare regulations and laws
Vital Interest: When necessary to protect your health and safety
Information Sharing and Disclosure
We may share your information in the following circumstances:
Healthcare Operations
With other healthcare providers involved in your care
For treatment coordination and continuity of care
With insurance companies for payment and coverage verification
Legal Requirements
When required by law or court order
To protect against fraud or other illegal activities
In emergency situations to protect health and safety
Business Associates
With HIPAA-compliant service providers (billing, IT support, etc.)
All business associates sign agreements to protect your information
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
Your Rights and Choices
HIPAA Rights
As our patient, you have the right to:
Access your medical records
Request corrections to your information
Request restrictions on how we use your information
Request confidential communications
File complaints about our privacy practices
GDPR Rights (if applicable)
If you are in the EU, you have additional rights:
Right to Access: Request copies of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your data (with limitations for medical records)
Right to Restrict Processing: Request limits on how we process your data
Right to Data Portability: Request transfer of your data
Right to Object: Object to processing based on legitimate interests
CCPA Rights (California Residents)
California residents have the right to:
Know what personal information we collect and how it's used
Request deletion of personal information (with healthcare exceptions)
Opt-out of sale of personal information (we do not sell personal information)
Non-discrimination for exercising privacy rights
Data Security
We implement appropriate technical and organizational measures to protect your information:
Encryption of data in transit and at rest
Access controls and authentication systems
Regular security assessments and updates
Staff training on privacy and security practices
HIPAA-compliant security measures
Data Retention
We retain your information as required by:
Michigan state laws for mental health records
HIPAA requirements for healthcare information
Legal and regulatory obligations
Legitimate business purposes
Generally, clinical records are retained for at least 7 years after the last date of service, or longer as required by law.
International Data Transfers
If you are located outside the United States, please note that your information may be transferred to and processed in the United States, where our servers are located and our business operates.
Children's Privacy
Our services are not directed to individuals under 18 without parental consent. We comply with applicable laws regarding the collection of information from minors and obtain appropriate consent when treating minor clients.
Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date.
Contact Information
For questions about this Privacy Policy or to exercise your rights, contact us:
COR Counseling, Community Services and Clinical Supervision
East Lansing Office: 2970 E Lake Lansing Rd, East Lansing, MI 48823
Ann Arbor Office: 2002 Hogback Rd, Suite 9, Ann Arbor, MI 48105
Email: intake@corcounselingmi.com
Phone: 517-230-5695
Privacy Officer: Rachel Bentley, CEO
2970 E Lake Lansing Rd, East Lansing, MI 48823
Email: intake@corcounselingmi.com
For HIPAA-related complaints, you may also contact: U.S. Department of Health and Human Services
Office for Civil Rights
Website: www.hhs.gov/ocr/privacy/hipaa/complaints/
This Privacy Policy is designed to comply with HIPAA, GDPR, CCPA, and Michigan state laws. However, it should be reviewed by qualified legal counsel to ensure full compliance with all applicable regulations.