HIPAA Notice of Privacy Practices
Effective date: July 9, 2026
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
OurOpenSpace operates a platform that connects you with independent licensed clinicians for group and individual therapy sessions. In providing scheduling, payment, reminders, and support services around that care, we handle limited health-related information — such as the sessions you book and attend, your interest areas, and your support conversations. We protect that information to the standards of the Health Insurance Portability and Accountability Act (HIPAA) where it applies. Clinicians you see through OurOpenSpace are independent providers and maintain their own clinical records and privacy practices; ask your clinician for their notice regarding records they keep.
How we may use and disclose your health information
- Treatment-related operations — sharing your registration and attendance with the clinician whose session you booked, so they know who is attending and can run the session.
- Payment — processing session fees through our payment processor (Stripe) and keeping transaction records. We never see or store card or bank numbers.
- Health care operations — clinician vetting, quality and safety reviews, dispute resolution, security auditing, and legally required record-keeping.
- Reminders — sending you booking confirmations and session reminders by email or app notification.
- Guardians of minors — for participants aged 13–17, the consenting guardian receives the consent request and account-status notices.
- Required by law — when disclosure is required by law, court order, or to prevent a serious and imminent threat to health or safety.
We do not sell your health information, use it for advertising, or share it with third parties for their marketing. Any other use or disclosure requires your written authorization, which you may revoke at any time.
Your rights
- Access — see and receive a copy of the information we hold about you. Much of it is visible directly in your account; email us for a full copy.
- Amendment — ask us to correct information you believe is wrong or incomplete.
- Accounting of disclosures — request a list of certain disclosures we have made of your information.
- Restrictions — request limits on how we use or share your information. We will consider every request but are not always required to agree.
- Confidential communications — ask us to contact you in a specific way (for example, a different email address).
- Deletion — delete your account at any time in-app or at /delete-account. Some records (payment and audit records) are retained as required by law.
- Notification of a breach — we will notify you if a breach compromises the privacy or security of your information.
- Paper copy of this notice — available on request.
Our duties
We are required to maintain the privacy and security of your health information, provide you this notice of our legal duties and privacy practices, follow the terms of the notice currently in effect, and notify you of breaches. We may update this notice; the current version is always at this URL with its effective date above.
Complaints and contact
If you believe your privacy rights have been violated, contact us at [email protected]. You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. You will never be penalized or retaliated against for filing a complaint.
See also our Privacy Policy for how we handle all personal information, including non-health data.