ADHD, Depression, Anxiety Therapy: Kids, Teens, Adults

Calm Clarity Therapy

Effective Date: February 17, 2026

Last Updated: February 17, 2026

Website: https://www.calmclaritytherapy.com

INTRODUCTION

Welcome to Calm Clarity Therapy. We are committed to protecting the privacy and confidentiality of our clients, website visitors, and anyone who interacts with our practice. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our website, use our services, or communicate with us.

Calm Clarity Therapy is a mental health group practice located in Lakewood and Aurora, Colorado, providing individual therapy, couples and family therapy, teletherapy, and walk-and-talk therapy sessions. We are subject to federal and Colorado state privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA), the Colorado Consumer Privacy Act (CPA), and other applicable regulations.

By using our website, scheduling an appointment, or engaging with our services, you acknowledge that you have read and understand this Privacy Policy. If you have questions or concerns, please contact us using the information provided at the end of this document.

1. INFORMATION WE COLLECT

We collect several categories of personal information depending on how you interact with our practice:

a) Personal Identification Information

This includes your full name, date of birth, home address, email address, phone number, and emergency contact information.

b) Health and Clinical Information

This includes mental health history, diagnoses, treatment plans, session notes, assessment results, medication information, and any other information you provide during the course of therapy. This information is considered Protected Health Information (PHI) under HIPAA.

c) Insurance and Payment Information

This includes your health insurance provider and policy details, copay and deductible information, billing address, and payment card or bank account details used for processing payments.

d) Appointment and Scheduling Information

This includes dates, times, and types of appointments scheduled, therapist preferences, and session format preferences (in-person, teletherapy, or walk-and-talk).

e) Website Usage and Analytics Data

This includes your IP address, browser type and version, device type, operating system, pages visited on our website, time spent on each page, referring URLs, and general geographic location derived from your IP address.

f) Communication Data

This includes emails, phone calls, text messages, voicemails, and information submitted through our website contact form (name, email, phone number, and message content).

2. HOW WE COLLECT INFORMATION

We collect personal information through the following methods:

- Website contact forms: When you submit an inquiry through our website's contact form, we collect your name, email address, phone number, and message content.

- Online scheduling system: When you book a session through our scheduling platform (Sessions Health), we collect your personal, insurance, and appointment information.

- Intake paperwork: Before your first session, you will complete intake forms electronically through our Electronic Medical Records (EMR) system, which collects personal, health, insurance, and emergency contact information.

- Direct communication: Information you share with us via phone (720-443-1021), email (info@calmclaritytherapy.com), text message, or in person.

- Therapy sessions: Clinical information gathered during in-person sessions at our Lakewood or Aurora offices, walk-and-talk sessions, or teletherapy sessions conducted via HIPAA-compliant video conferencing (Zoom for Healthcare).

- Cookies and tracking technologies: Our website uses cookies and similar technologies to collect analytics data about how visitors use our site. See Section 9 for details.

- Insurance verification: We may collect information from your insurance company to verify coverage and benefits.

3. WHY WE COLLECT YOUR INFORMATION (PURPOSES)

We collect and use your personal information for the following purposes:

- Providing therapy services: To deliver individual, couples, family, teletherapy, and walk-and-talk therapy sessions effectively and safely.

- Appointment scheduling and management: To book, confirm, reschedule, or cancel appointments through our scheduling system.

- Communication: To respond to your inquiries, send appointment reminders, share relevant clinical resources, and communicate about your care.

- Billing and payment processing: To process payments, submit insurance claims, verify insurance benefits, manage copays, and handle billing-related matters.

- Compliance with legal and regulatory requirements: To comply with HIPAA, Colorado state mental health regulations, the Colorado Consumer Privacy Act, insurance requirements, and other applicable laws.

- Treatment coordination: When applicable and with your consent, to coordinate care with other healthcare providers involved in your treatment.

- Quality improvement: To evaluate and improve our services, train staff, and enhance the client experience.

- Website analytics: To understand how visitors use our website so we can improve its content, functionality, and user experience.

- Marketing and outreach: With your explicit consent where required, to send newsletters, blog updates, or information about our services. You may opt out at any time.

4. HOW WE USE YOUR INFORMATION

Your information is used in the following ways:

- Clinical records are maintained in our secure EMR system (Sessions Health) to document your treatment, track progress, and ensure continuity of care.

- Personal contact information is used to communicate with you about appointments, billing, and your care.

- Insurance and payment information is used to process claims, collect copays, and manage your account balance.

- Website analytics data is used in aggregate form to understand visitor behavior and improve our website. This data is not linked to your clinical records.

- Contact form submissions are used to respond to your inquiries and, if applicable, to initiate the intake process.

We do not sell, rent, or trade your personal information to any third party for marketing purposes.

5. WHO WE SHARE INFORMATION WITH

We may share your information with the following third parties, only as necessary and as permitted or required by law:

a) Electronic Medical Records (EMR) and Practice Management

We use Sessions Health as our EMR and practice management platform to maintain clinical records, manage scheduling, process intake paperwork, and handle billing. Sessions Health is HIPAA compliant and has signed a Business Associate Agreement (BAA) with our practice.

b) Payment Processors

We use third-party payment processing services to handle credit card and electronic payment transactions. These processors are PCI-DSS compliant and do not store your full payment information on our systems.

c) Insurance Companies

If you use insurance to pay for services, we submit claims to your insurance provider that include your personal information, diagnosis codes, dates of service, and other information required for reimbursement.

d) Telehealth Platform

We use Zoom for Healthcare, a HIPAA-compliant video conferencing platform, to conduct teletherapy sessions. Zoom for Healthcare operates under a BAA with our practice.

e) Website Hosting and Analytics

Our website is hosted by a third-party provider and may use analytics tools (such as Google Analytics) to collect anonymized data about website traffic. These services may use cookies. See Section 9 for more details.

f) Accessibility Services

We use the Accessibility by UserWay widget on our website. UserWay does not collect personal information from users interacting with the widget. See Section 10 for details.

g) Other Healthcare Providers

With your written consent, we may share clinical information with other healthcare providers (such as psychiatrists, primary care physicians, or other therapists) involved in your care for treatment coordination purposes.

h) Legal and Regulatory Disclosures

We may disclose your information without your consent when required or permitted by law, including:

- When there is a risk of imminent harm to yourself or others.

- When there is suspected abuse or neglect of a child, elder, or dependent adult.

- In response to a valid court order or subpoena.

- As required by Colorado state mandatory reporting laws.

- To comply with HIPAA requirements.

- As otherwise required by federal, state, or local law.

i) Business Operations

We may share limited information with IT support providers, consultants, or administrative support staff who assist with practice operations. All such parties are bound by confidentiality agreements and, where applicable, BAAs.

6. HOW LONG WE RETAIN YOUR INFORMATION

We retain your information in accordance with the following guidelines:

- Clinical and health records: We retain clinical records for a minimum of ten (10) years from the date of your last session, or as required by Colorado state law and HIPAA regulations. For minor clients, records are retained for at least ten (10) years past the age of majority (age 18).

- Billing and insurance records: We retain billing records for a minimum of seven (7) years from the date of service, as required by federal and state tax and healthcare regulations.

- Website analytics data: Anonymized analytics data may be retained indefinitely. Identifiable website data (such as contact form submissions) is retained for up to three (3) years unless you request deletion sooner.

- Communication records: Emails, voicemails, and other correspondence are retained for up to seven (7) years.

When the applicable retention period expires, your records will be securely destroyed using methods appropriate for the type of data (such as shredding for paper records and secure digital deletion for electronic records).

7. HOW WE PROTECT YOUR INFORMATION

We take the security of your personal and health information seriously and have implemented the following safeguards:

- Encryption: All electronic data is encrypted both in transit (using SSL/TLS) and at rest. Our website uses HTTPS encryption to protect data transmitted between your browser and our servers.

- Access controls: Access to client records is restricted to authorized clinical and administrative staff on a need-to-know basis. Each authorized user has unique login credentials, and multi-factor authentication is used where available.

- Secure EMR system: Our EMR platform (Sessions Health) is HIPAA-compliant and uses industry-standard security measures including encryption, secure data centers, and regular security audits.

- HIPAA-compliant telehealth: Teletherapy sessions are conducted via Zoom for Healthcare, which uses end-to-end encryption and meets HIPAA security requirements.

- Staff training: All therapists and staff members receive regular training on HIPAA regulations, data privacy best practices, and our internal privacy and security policies.

- Physical security: Our offices in Lakewood and Aurora maintain physical security measures to protect paper records and in-office technology, including locked file cabinets, secured office access, and confidential disposal of paper records.

- Offsite and cloud backups: Electronic records are backed up securely to prevent data loss in the event of a technical failure or disaster.

- Incident response: We maintain a data breach response plan to promptly address any security incident. See Section 8 for details.

8. DATA BREACH NOTIFICATION PROCEDURE

In the event of a data breach involving your personal or health information, we will take the following steps:

- Investigation: We will promptly investigate the nature and scope of the breach to determine what information was affected.

- Containment: We will take immediate steps to contain the breach and prevent further unauthorized access.

- Notification to affected individuals: If the breach involves unsecured Protected Health Information (PHI) and poses a significant risk of harm, we will notify affected individuals in writing without unreasonable delay and no later than sixty (60) days from the date of discovery, as required by HIPAA.

- Notification to authorities: We will notify the U.S. Department of Health and Human Services (HHS) as required by HIPAA. If the breach affects 500 or more individuals, we will also notify prominent media outlets serving the affected area.

- Documentation: We will document the breach, our response, and any corrective actions taken.

- Corrective action: We will implement measures to prevent similar breaches in the future, which may include additional staff training, updated security protocols, or system upgrades.

9. COOKIES AND TRACKING TECHNOLOGIES

Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect analytics data.

a) What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help the website remember your preferences and understand how you interact with the site.

b) Types of Cookies We Use

- Essential cookies: These are necessary for the basic functionality of our website, such as navigation and accessing secure areas. These cannot be disabled.

- Analytics cookies: We may use analytics services (such as Google Analytics) to collect anonymized data about website traffic, including pages visited, time on site, and referring sources. This data helps us understand how visitors use our website and improve its performance.

- Functionality cookies: These remember your preferences (such as language or accessibility settings) to provide a more personalized experience.

c) Third-Party Cookies

Some cookies may be placed by third-party services integrated into our website, such as analytics providers or the UserWay accessibility widget. These third parties have their own privacy policies governing the use of cookies.

d) How to Manage Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. However, please note that disabling certain cookies may affect the functionality of our website.

To manage cookies in your browser, consult your browser's help documentation or visit your browser's settings menu. You may also opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-On, available at https://tools.google.com/dlpage/gaoptout.

e) Do Not Track Signals

Our website currently does not respond to "Do Not Track" browser signals. However, you may manage your cookie preferences as described above.

10. WEBSITE ACCESSIBILITY (USERWAY)

Calm Clarity Therapy is committed to making our website accessible to all visitors, including individuals with disabilities. We use the Accessibility by UserWay widget to help enhance the accessibility and usability of our website.

a) What UserWay Provides

The UserWay Accessibility Widget provides a range of tools that allow visitors to customize their browsing experience. Features include:

- Screen reader compatibility for auditory feedback of on-screen content.

- Text resizing to increase font size for improved readability.

- Contrast adjustments including dark mode, inverted colors, and smart contrast for optimal visual comfort.

- Text spacing adjustments for improved readability.

- Dyslexia-friendly and legible font options designed to reduce confusion and improve reading ease.

- Highlight links to make clickable elements easier to identify.

- Big cursor option for better visibility.

- Reading mask and reading guide tools to help users follow lines of text.

- Hide images option for a simplified, text-focused view.

- Keyboard navigation enhancements for users who cannot use a mouse.

- Tool tips that display alt text descriptions when hovering over images.

- Dictionary feature for quick access to word definitions.

- Page structure navigation for improved content organization.

b) Accessing the Widget

The UserWay widget appears as a floating accessibility icon on our website. Click the icon to open the accessibility menu and customize your settings.

c) Privacy and UserWay

UserWay does not collect personal information from users who interact with the accessibility widget. Any preferences you set through the widget are stored locally on your device and are not transmitted to Calm Clarity Therapy or UserWay.

d) Commitment to Accessibility

We strive to meet or exceed the standards set by the Web Content Accessibility Guidelines (WCAG) 2.1, the Americans with Disabilities Act (ADA), and Section 508 of the Rehabilitation Act. If you experience any accessibility issues on our website, please contact us so we can address them promptly.

11. NOTICE OF PRIVACY PRACTICES (HIPAA)

This section serves as our Notice of Privacy Practices as required by the Health Insurance Portability and Accountability Act (HIPAA) of 1996.

a) Our Legal Duty

We are required by law to maintain the privacy of your Protected Health Information (PHI), provide you with this notice of our privacy practices, and follow the terms of the notice currently in effect. PHI includes any individually identifiable health information related to your past, present, or future physical or mental health condition, the provision of healthcare to you, or payment for healthcare services.

b) How We May Use and Disclose Your PHI

We may use and disclose your PHI for the following purposes without your written authorization:

- Treatment: To provide, coordinate, or manage your mental health treatment. This includes sharing information with other therapists within Calm Clarity Therapy who are involved in your care, and with outside providers when you have given consent.

- Payment: To obtain payment for services we provide. This includes submitting claims to your insurance company, verifying coverage, and collecting copays or outstanding balances.

- Healthcare operations: To support our business activities, including quality assessment, staff training, compliance reviews, and business planning.

- As required by law: When federal, state, or local law requires disclosure.

- Public health and safety: To prevent or lessen a serious and imminent threat to the health or safety of a person or the public.

- Abuse or neglect reporting: To report suspected child abuse or neglect, elder abuse, or abuse of a dependent adult to the appropriate authorities as required by Colorado law.

- Judicial and administrative proceedings: In response to a valid court order, subpoena, or other lawful process.

- Law enforcement: To comply with certain law enforcement requests as permitted by HIPAA.

- Workers' compensation: As necessary to comply with workers' compensation laws.

c) Uses and Disclosures That Require Your Written Authorization

Except as described above, we will not use or disclose your PHI without your written authorization. You may revoke your authorization at any time in writing, except to the extent we have already relied on it. Examples of disclosures requiring authorization include:

- Sharing your records with a family member, friend, or other individual you designate.

- Using your PHI for marketing purposes.

- Selling your PHI (which we will never do).

- Sharing psychotherapy notes (to the extent maintained separately from your clinical record).

12. YOUR RIGHTS

As a client or website visitor, you have the following rights regarding your personal information and Protected Health Information:

a) Right to Access

You have the right to view and obtain a copy of your clinical records and other personal information we maintain about you. To request access, please submit a written request to our practice. We will respond within thirty (30) days. A reasonable fee may be charged for copying.

b) Right to Amend

You have the right to request that we correct or amend your records if you believe they contain an error. Submit your request in writing, including the reason for the amendment. We will respond within sixty (60) days. We may deny the request under certain circumstances permitted by HIPAA and will provide a written explanation if we do.

c) Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures of your PHI that we have made. This does not include disclosures made for treatment, payment, healthcare operations, or disclosures you authorized in writing.

d) Right to Request Restrictions

You have the right to request that we limit how we use or disclose your PHI. While we will consider your request, we are not required to agree to all restrictions. However, we are required to agree to a restriction on disclosure to a health plan if you pay for services out of pocket in full.

e) Right to Request Confidential Communications

You have the right to request that we communicate with you in a specific way or at a specific location. For example, you may ask that we only contact you by email or at a particular phone number. We will accommodate reasonable requests.

f) Right to a Paper Copy of This Notice

You have the right to receive a paper copy of this Privacy Policy and Notice of Privacy Practices at any time. Please contact us to request one.

g) Right to Be Notified of a Breach

You have the right to be notified if your unsecured PHI is involved in a data breach, as described in Section 8.

h) Right to File a Complaint

If you believe your privacy rights have been violated, you may file a complaint with our practice or with the U.S. Department of Health and Human Services, Office for Civil Rights.

To file a complaint with HHS:

U.S. Department of Health and Human Services

Office for Civil Rights

200 Independence Avenue, S.W.

Washington, D.C. 20201

Phone: 1-877-696-6775

Website: https://www.hhs.gov/hipaa/filing-a-complaint/index.html

We will not retaliate against you for filing a complaint.

i) Colorado Consumer Privacy Act (CPA) Rights

As a Colorado resident, you may also have additional rights under the Colorado Consumer Privacy Act, including the right to opt out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling. Calm Clarity Therapy does not sell personal data or engage in profiling. To exercise any rights under the CPA, please contact us using the information below.

13. CHILDREN'S PRIVACY

Calm Clarity Therapy provides therapy services for children and teens. When we provide services to a minor (under age 18), a parent or legal guardian must provide consent for treatment and for the collection and use of the minor's personal and health information.

Parents and legal guardians have the right to access their minor child's records, subject to applicable Colorado state laws regarding the confidentiality of minors in therapy. In certain situations, Colorado law may protect a minor's right to confidentiality regarding specific aspects of their treatment.

We do not knowingly collect personal information from children under 13 through our website without parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA).

14. TELEHEALTH AND VIRTUAL SESSIONS

When you participate in teletherapy sessions, please be aware of the following:

- Teletherapy sessions are conducted through Zoom for Healthcare, a HIPAA-compliant video conferencing platform.

- While we use encrypted and secure technology, no electronic communication method is completely secure. We recommend that you participate in sessions from a private location using a secure internet connection.

- You are responsible for ensuring your own environment is private during virtual sessions.

- In the event of a technology failure during a session, your therapist will attempt to reconnect or contact you by phone to complete the session.

15. SOCIAL MEDIA AND EXTERNAL LINKS

Our website or social media accounts may contain links to external websites. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policies of any external websites you visit.

If you interact with Calm Clarity Therapy on social media platforms (such as Instagram or Facebook), please be aware that those platforms have their own privacy policies. We advise against sharing personal health information through social media. We will not disclose your status as a client or acknowledge any therapeutic relationship on social media.

16. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

When we make material changes to this policy, we will:

- Update the "Last Updated" date at the top of this document.

- Post the revised policy on our website at https://www.calmclaritytherapy.com.

- Make reasonable efforts to notify current clients of significant changes, which may include email notification, a notice on our website, or notification at your next appointment.

We encourage you to review this policy periodically to stay informed about how we protect your information.

17. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal information, or your privacy rights, please contact us:

Calm Clarity Therapy

Founder: Moriah LaRocque, LCSW

Phone: 720-443-1021

Email: info@calmclaritytherapy.com

Website: https://www.calmclaritytherapy.com

For HIPAA-related complaints, you may also contact:

U.S. Department of Health and Human Services

Office for Civil Rights

1961 Stout Street, Room 08-148

Denver, CO 80294

Phone: 1-800-368-1019

Website: https://www.hhs.gov/ocr

18. CONSENT

By using our website, scheduling an appointment, or engaging with our services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. Where required by law, we will obtain your explicit written consent before collecting, using, or disclosing certain types of information.

You may withdraw your consent at any time by contacting us, except where doing so would conflict with legal or regulatory requirements. Withdrawing consent may limit our ability to provide certain services.

This Privacy Policy is intended to comply with the requirements of the Health Insurance Portability and Accountability Act (HIPAA), the HIPAA Privacy Rule (45 CFR Part 164), the Colorado Consumer Privacy Act (CPA), the Children's Online Privacy Protection Act (COPPA), and all other applicable federal, state, and local laws.

This document does not constitute legal advice. We recommend consulting with a qualified attorney to ensure your practice's full compliance with all applicable laws and regulations.