Psych Today Screener
Log inStart free trial

Privacy Policy

Last updated: 2026-05-22

This Privacy Policy describes how Psych Today Screener ("we," "us," or "the Service") collects, uses, and protects information. Protected Health Information (PHI) is additionally governed by your HIPAA Business Associate Agreement — see the BAA.

Who we are

Psych Today Screener is operated by Psych Today Screener LLC, registered in New Jersey, USA. We are a Business Associate to the licensed psychotherapists who subscribe to the Service. We are not a healthcare provider and we do not provide clinical services.

Information we collect

From therapists (our customers)

  • Account info: email address, practice name, billing address (via Stripe).
  • Authentication state: hashed sign-in tokens, TOTP secret (encrypted at rest).
  • Operational metadata: IP, user agent, session activity (for audit logging).

From prospective clients (your inbox)

  • Inbound email body (encrypted at rest, per-tenant key).
  • Structured extraction (insurance, availability, presenting concerns).
  • Crisis flag and rationale.

Prospective-client data is PHI under HIPAA. It is held under the BAA between us and the therapist whose inbox it arrived at. It belongs to the therapist's practice; we have no independent right to it.

How we use information

  • To run the screening pipeline (extract structured fields, route crisis cases, send acknowledgments and the daily digest).
  • To bill and provide customer support.
  • To comply with legal obligations and respond to lawful requests.

We do not sell or rent personal information. We do not use PHI to train AI models. We do not load third-party analytics on authenticated pages.

Subprocessors

We disclose every vendor that touches PHI at /legal/subprocessors. Each operates under a signed BAA.

Retention

  • Encrypted intakes: retained until you delete them, your subscription ends, or we crypto-shred your tenant key (at your request).
  • Audit logs: six years (HIPAA requirement).
  • Backups: encrypted, retained 35 days, then destroyed.

Your rights as a therapist

  • Export your tenant's data at any time (Settings → Export).
  • Delete your account and crypto-shred all PHI (Settings → Delete account).

Prospective clients

If you contacted a therapist's practice and want to know what we store about you, contact the therapist directly — they are the Covered Entity. We will work with them to fulfill valid HIPAA access requests.

Children

The Service is not directed at children under 13. If a prospective-client email is from a minor, the therapist is responsible for any parental-consent obligations under the BAA and applicable state law.

Changes

We'll email account owners at least 30 days before material changes. The current version is always at this URL.

Contact

Privacy questions: privacy@psychtoday-screener.com.