NOTICE OF POTENTIAL HIPAA BREACH INVOLVING YOUR PERSONAL INFORMATION

We are writing to inform you of an incident involving your personal information. We take the confidentiality and security of our clients’ information seriously. We want to make you aware of what happened, what information was involved, and the steps we are taking in response.

WHAT HAPPENED

On July 12, 2025, Integrate Christian Counseling Services, LLC (“Integrate Christian Counseling”) sent a mass email newsletter titled “Integrate Happenings” to approximately 350 recipients. Unfortunately, the email addresses were inadvertently entered into the “To” field rather than the “BCC” (blind carbon copy) field, making all recipients’ email addresses visible to one another.

WHAT INFORMATION WAS INVOLVED

The only information disclosed in the incident was the email addresses of the recipients. The email itself did not contain any clinical details or treatment information, only general office updates, new staff introductions, and upcoming events. However, because the email addresses were visible to all recipients and the message was sent from our counseling practice, your association with Integrate Christian Counseling could have been inferred.

WHAT WE ARE DOING

We promptly investigated the incident and have taken steps to prevent it from happening again, including:

  • Implementing enhanced email procedures to ensure the “BCC” field is used for group communications.

  • Providing staff with additional HIPAA compliance and data security training.

  • Reviewing and updating our privacy and security policies.

 

WHAT YOU CAN DO

No passwords, Social Security numbers, financial information, or detailed health records were disclosed. The only information disclosed was your email address. We do not believe this incident poses a risk of identity theft or financial harm. However, if you are concerned, you may wish to:

  • Be alert to unsolicited emails that reference Integrate Christian Counseling or appear to come from an unfamiliar source.

  • Verify the sender’s identity before clicking links or opening attachments. If you are unsure about an email’s legitimacy, contact us directly using the information in this letter.

  • Report suspicious messages to your email provider or IT support and delete them without responding.

  • Use strong, unique passwords for your accounts and change them regularly.

 

FOR MORE INFORMATION

If you have any questions or need further assistance, please call 800-725-1990 or email me at shan@integratesccs.hush.com.