Website Privacy Policy | Cassie McCarthy, Online Therapist

Last Updated: January 2026

This privacy policy outlines how we collect, use, and protect your personal information. By visiting CassieMcCarthy.com, enrolling in our clinical services, or participating in our Continuing Education (CE) courses, you agree to the terms of this policy. If you do not agree with this policy, please refrain from using our site.

We collect different types of information depending on how you interact with us:

• Voluntary Information: Name, email address, and phone number when you submit a form.
• Automated Information: IP addresses, browser type, and page visits collected via Google Analytics to help us improve user experience.
• CE Learner Information: Professional license number, state of licensure, and course completion data (quiz scores, attendance verification) as required by continuing education accreditation boards.

As a healthcare provider, we are committed to protecting the privacy of your health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA). While our website does not directly collect health information, any personal information submitted via contact forms is sent securely to our encrypted, HIPAA-compliant Google account. Once you become a client, all data is stored and managed in Simple Practice, a fully encrypted and HIPAA-compliant platform for health record management.

We use your information for specific purposes based strictly on how you engaged with us:

1. Clinical & Consultation Inquiries If you contact us to schedule a therapy consultation or ask about clinical services, your information (name, email, phone) is used strictly to coordinate that appointment and determine clinical fit. We do not use consultation contact information for marketing purposes. You will not be added to our newsletter or blog subscription list unless you explicitly request it.
2. Marketing & Resource Sign-ups If you voluntarily sign up for our blog, newsletter, or download a free resource (e.g., the “Does this count as trauma?” checklist), we use your email address to deliver that resource and send you relevant updates, educational content, and course announcements. You may unsubscribe from these emails at any time.
3. Course Administration For enrolled learners in our CE programs, we use your information to grant access to course materials, track progress, verify attendance, and issue certificates in compliance with accreditation standards.

As a healthcare provider, we are committed to protecting the privacy of your health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA).

• Secure Storage: Once you become a therapy client, all clinical records are stored in Simple Practice, a fully encrypted, HIPAA-compliant electronic health record (EHR) platform.
• Encrypted Communications: Any sensitive information submitted via our website forms is routed securely to our encrypted, HIPAA-compliant Google Workspace account.

For participants in our Continuing Education programs, we adhere to the security standards set by the National Board for Certified Counselors (NBCC) and the Association of Social Work Boards (ASWB).

• Account Access: Access to course materials and learner accounts is restricted to authenticated and authorized users only.
• Data Retention: To comply with ASWB ACE and NBCC provider standards, we retain all Continuing Education program records—including participant rosters, attendance verification, evaluations, and certificates of completion—for a minimum of seven (7) years.
• Data Breach Monitoring: We maintain a written Data Breach Monitoring and Response Plan. In the event of a security breach affecting your personal data, this plan outlines our notification and mitigation procedures and is available to Continuing Education participants upon request.

We work with the following third-party vendors to operate our business securely:

• Simple Practice: For scheduling, telehealth, and managing therapy-related records (HIPAA-compliant).
• Google Workspace: For secure email and file management (HIPAA-compliant).
• Bluehost: For securely hosting our website and course data (via the Tutor LMS plugin).
• Stripe / PayPal: For secure payment processing. We do not store your credit card details on our servers.
• MailerLite: For managing email subscriptions and delivering resources like the “Does this count as trauma?” checklist.
• Excel: For secure local storage, where files are password-protected and stored on a local hard drive, not in the cloud.

Continuing Education Opt-Out: In compliance with ASWB ACE standards, participants in our Continuing Education programs have the right to opt out of having their data shared with third parties for non-essential purposes. To request an opt-out, please contact us at the email listed below. Please note that opting out of certain vendors may limit our ability to verify your attendance or issue CE credits as required by accreditation boards.

• Clinical Therapy: We do not provide clinical therapy services to clients outside of the specific United States states where Cassie McCarthy is licensed (MA, VT, VA, IL, FL).
• Continuing Education: Our Continuing Education courses are available globally. If you access our courses from outside the United States, please be aware that your data is transferred to and processed in the United States. By participating, you consent to this transfer.

We use cookies and similar technologies for tracking user behavior on our website. These tools are used for Google Analytics and may also be used for interest-based advertising through Google Ads. You can opt out of this type of tracking by adjusting your browser settings or visiting opt-out pages provided by organizations like the Digital Advertising Alliance.

We may update this privacy policy from time to time. Any changes will be posted on this page. By continuing to use the website after such changes go into effect, you are agreeing to the revised policy.

If you have any questions or concerns about this privacy policy, or to request our Data Breach Response Plan, you may contact us via email at Info@CassieMcCarthy.com or by mail at:

Cassie McCarthy, LICSW
82 Tremont St
Salem, Massachusetts 01970 USA