PRIVACY POLICY
Memory Gains
Dr. Sahra Kim, PsyD
1172 Beacon Street, Suite 101
Newton, MA 02461
Effective Date: February 17, 2026
Last Updated: February 17, 2026
---
INTRODUCTION
Welcome to Memory Gains. This Privacy Policy explains how Dr. Sahra Kim, PsyD ("Memory Gains," "we," "us," or "our") collects, uses, stores, shares, and protects your personal information when you visit our website at www.memory-gains.com, use our services, or communicate with us in any way. We are committed to protecting your privacy and handling your information responsibly and in compliance with all applicable laws, including the Health Insurance Portability and Accountability Act (HIPAA), Massachusetts state privacy laws, and other relevant regulations.
By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy.
---
1. INFORMATION WE COLLECT
We may collect the following categories of personal information:
Personal Identifiers: Full name, email address, phone number, and mailing address.
Health Information: Mental health history, cognitive and neuropsychological assessment results, therapy session notes, treatment plans, diagnoses, medication information, and other Protected Health Information (PHI) as defined by HIPAA.
Appointment Information: Scheduling details, consultation requests, intake forms, and session records.
Payment and Billing Information: Credit card details, billing address, transaction records, insurance information (if applicable for out-of-network reimbursement), and Good Faith Estimates.
Communications: Messages sent through our website contact form, emails, phone calls, and any other correspondence.
Website Usage Data: IP address, browser type, device information, pages visited, time spent on pages, referring URLs, and other analytics data collected through cookies and similar technologies.
---
2. HOW WE COLLECT INFORMATION
We collect personal information through the following methods:
Website Forms: When you submit a contact form, book a free consultation, or fill out intake paperwork through our website.
Direct Communication: Through phone calls (617-249-4784), email (kim@memory-gains.com), video calls, and in-person sessions at our Newton, MA office.
Therapy and Assessment Sessions: During clinical intake evaluations, therapy sessions, neuropsychological testing, and ongoing treatment.
Payment Processing: When you provide payment for services, including initial evaluations ($300), subsequent therapy sessions ($275), and neuropsychological evaluations ($1,600).
Cookies and Analytics Tools: Through cookies, web beacons, and analytics technologies used on our website (see Section 9 for details).
Third-Party Platforms: Through any telehealth platform or electronic medical record (EMR) system used in the course of your treatment.
---
3. WHY WE COLLECT YOUR INFORMATION
We collect and use your personal information for the following purposes:
Providing Clinical Services: To deliver psychotherapy, brain training for memory loss, ADHD therapy, CBT for insomnia, neuropsychological testing, and other clinical services.
Appointment Management: To schedule, confirm, reschedule, or cancel appointments, including free consultations.
Communication: To respond to your inquiries, provide appointment reminders, and share relevant clinical information.
Billing and Payment Processing: To process payments, issue receipts for out-of-network insurance reimbursement, and provide Good Faith Estimates as required by law.
Treatment Planning: To develop, implement, and adjust personalized therapy and assessment plans.
Legal Compliance: To comply with applicable laws, regulations, and professional licensing requirements, including HIPAA, Massachusetts Board of Registration of Psychologists requirements, and other healthcare regulations.
Website Improvement: To analyze website traffic and user behavior in order to improve the user experience on www.memory-gains.com.
---
4. HOW WE USE YOUR INFORMATION
Your personal information is used to:
- Provide and coordinate your clinical care, including therapy, assessment, and brain training services.
- Communicate with you about your appointments, treatment, and account.
- Process payments and manage billing, including generating documentation for insurance reimbursement.
- Maintain accurate and complete clinical records as required by law.
- Improve our website, services, and overall client experience.
- Comply with legal obligations, respond to lawful requests from regulatory bodies, and cooperate with law enforcement when required.
- Send information about our services or resources only if you have opted in to receive such communications.
We do not sell your personal information to any third party for marketing or any other purpose.
---
5. WHO WE SHARE YOUR INFORMATION WITH
We may share your personal information with the following parties, only as necessary and in compliance with applicable law:
Payment Processors: We use third-party payment processors to handle credit card transactions securely. These processors are contractually obligated to protect your payment information and use it only for processing your transactions.
Electronic Medical Record (EMR) System: We may use a secure, HIPAA-compliant EMR system to store and manage clinical records.
IT and Website Service Providers: We work with trusted technology providers who assist with website hosting, maintenance, and security. These providers may have limited access to personal information as needed to perform their services.
Analytics Providers: We use analytics tools to understand website traffic and usage patterns. These tools collect anonymized or aggregated data (see Section 9).
Healthcare Collaborators: With your written consent, we may share relevant clinical information with other healthcare providers involved in your care, such as primary care physicians or psychiatrists.
Legal and Regulatory Bodies: We may disclose your information when required by law, court order, or regulatory request, or when necessary to protect the safety of you or others, as permitted by HIPAA and Massachusetts law.
We require all third parties who receive your information to maintain appropriate security measures and to use your information only for the purposes for which it was disclosed.
---
6. HOW LONG WE RETAIN YOUR INFORMATION
We retain your personal and clinical information in accordance with applicable laws and professional standards:
Clinical and Health Records: In accordance with Massachusetts regulations and professional best practices, clinical records are retained for a minimum of seven (7) years from the date of the last clinical contact, or longer if required by law. For minor clients (if applicable), records may be retained until the client reaches the age of majority plus the applicable retention period.
Billing and Financial Records: Payment and billing records are retained for a minimum of seven (7) years for tax and legal compliance purposes.
Website and Analytics Data: Non-identifiable website usage data may be retained for up to three (3) years for analytical purposes.
Communication Records: Emails and other correspondence may be retained for as long as necessary to address your inquiries and maintain records of communication.
When your information is no longer required for the purposes outlined in this policy or by law, it will be securely destroyed or de-identified using methods appropriate for the sensitivity of the data.
---
7. HOW WE PROTECT YOUR INFORMATION
We take the security of your personal information seriously and implement the following measures:
Encryption: Sensitive data, including health information and payment details, is encrypted during transmission and storage using industry-standard encryption protocols.
Access Controls: Access to personal and clinical information is restricted to authorized personnel only. Dr. Sahra Kim maintains direct oversight of all client records.
Secure Storage: Electronic records are stored in secure, HIPAA-compliant systems with password protection, firewalls, and other technical safeguards. Paper records, if any, are stored in locked filing areas with restricted access.
Staff Training: All personnel with access to client information are trained in privacy and security best practices, including HIPAA compliance requirements.
Secure Communication: We encourage the use of secure communication methods for exchanging sensitive information. Please be aware that standard email may not be fully secure, and we recommend discussing sensitive matters during scheduled sessions or via secure channels.
Business Associate Agreements: All third-party vendors who handle Protected Health Information on our behalf are required to sign Business Associate Agreements (BAAs) as mandated by HIPAA.
---
8. DATA BREACH NOTIFICATION
In the unlikely event of a data breach involving your personal or health information, we will:
- Investigate the breach promptly and take immediate steps to contain and mitigate any harm.
- Notify affected individuals in writing without unreasonable delay, and no later than the timeframe required by HIPAA (60 days from discovery) and Massachusetts law.
- Provide details about the nature of the breach, the types of information involved, steps we are taking to address the breach, and what you can do to protect yourself.
- Notify the U.S. Department of Health and Human Services (HHS) as required by HIPAA.
- Notify the Massachusetts Attorney General if the breach involves Massachusetts residents, as required by state law.
---
9. COOKIES AND TRACKING TECHNOLOGIES
Our website at www.memory-gains.com uses cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic.
What Are Cookies: Cookies are small text files placed on your device when you visit a website. They help us understand how visitors use our site and allow certain features to function properly.
Types of Cookies We Use:
Essential Cookies: These are necessary for the website to function properly, such as enabling navigation and access to secure areas.
Analytics Cookies: We may use third-party analytics tools (such as Google Analytics or similar services) to collect anonymized data about website usage, including pages visited, time spent on the site, and traffic sources. This information helps us improve our website and user experience.
How to Manage Cookies: You can control or disable cookies through your web browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or alert you when a cookie is being placed. Please note that disabling cookies may affect certain features or functionality of our website.
Do Not Track: Our website currently does not respond to "Do Not Track" browser signals. However, you may use browser settings and third-party tools to limit tracking.
---
10. ACCESSIBILITY (USERWAY WIDGET)
Memory Gains is committed to ensuring that our website is accessible to all visitors, including individuals with disabilities. To support this commitment, we use the Accessibility Widget by UserWay on our website.
The UserWay Accessibility Widget provides the following features to enhance your browsing experience:
Text Resizing: Adjust the text size on any page for improved readability, with multiple levels of enlargement.
Color Contrast Adjustments: Modify color contrast settings, including invert colors and dark mode options, to improve visibility and reduce eye strain.
Keyboard Navigation Enhancements: Improved navigation support for users who rely on keyboard-only browsing rather than a mouse.
Screen Reader Compatibility: The widget includes screen reader support that provides auditory feedback for on-screen content, reading aloud text, descriptions, and navigational elements for visually impaired users.
Dyslexia-Friendly Fonts: Specialized font options designed to improve readability for users with dyslexia, featuring distinct letter shapes and spacing.
Highlight Links: Visual emphasis on hyperlinks to help users quickly identify clickable elements on the page.
Reading Guide and Reading Mask: Tools that help users follow lines of text more easily, including a horizontal reading guide and a semi-transparent mask around the cursor.
Big Cursor: An enlarged cursor option for better visibility on the screen.
Text Spacing Adjustments: Options to customize the spacing between lines of text for improved readability.
Hide Images: An option to remove visual elements from the page for a simplified, text-focused viewing experience.
Tooltips: Additional context and descriptions displayed when hovering over images and other elements.
The UserWay Accessibility Widget helps our website work toward compliance with the Americans with Disabilities Act (ADA), Web Content Accessibility Guidelines (WCAG) 2.1, Section 508, and other accessibility standards.
UserWay does not collect personal information from users interacting with the widget. For more information about UserWay and its privacy practices, you may visit www.userway.org.
If you experience any accessibility issues on our website, please contact us at kim@memory-gains.com or call 617-249-4784, and we will work to address the issue promptly.
---
11. YOUR RIGHTS
As a client of Memory Gains, you have the following rights regarding your personal and health information:
Right to Access: You have the right to request a copy of your clinical records and other personal information we hold about you. Requests can be made in writing to Dr. Sahra Kim at the contact information listed below.
Right to Amend: If you believe that any information in your records is inaccurate or incomplete, you may request an amendment. We will review your request and respond within the timeframe required by law. Please note that we may deny an amendment request if the information is accurate and complete, or if it was not created by our practice.
Right to Restrict: You may request restrictions on certain uses or disclosures of your health information. We will consider your request, though we are not required to agree to all restrictions.
Right to an Accounting of Disclosures: You have the right to receive a list of certain disclosures we have made of your health information, as required by HIPAA.
Right to Request Confidential Communications: You may request that we communicate with you through a specific method or at a specific location (for example, by email only or at a particular phone number).
Right to a Copy of This Policy: You are entitled to a copy of this Privacy Policy at any time upon request.
Right to File a Complaint: If you believe your privacy rights have been violated, you have the right to file a complaint with Memory Gains or with the U.S. Department of Health and Human Services (HHS), Office for Civil Rights, without fear of retaliation.
To exercise any of these rights, please contact us using the information provided in Section 13.
Please note that certain requests may be subject to exceptions under HIPAA, Massachusetts law, or other applicable regulations. For example, we may be unable to delete clinical records that we are required by law to maintain.
---
12. NOTICE OF PRIVACY PRACTICES (HIPAA)
Memory Gains is required by the Health Insurance Portability and Accountability Act (HIPAA) to maintain the privacy of your Protected Health Information (PHI) and to provide you with notice of our legal duties and privacy practices.
Protected Health Information (PHI) includes any individually identifiable health information related to your past, present, or future physical or mental health condition, the provision of healthcare services to you, or payment for healthcare services.
How We May Use and Disclose Your PHI:
For Treatment: We may use and disclose your PHI to provide, coordinate, and manage your psychological care and related services.
For Payment: We may use and disclose your PHI to process payments for services rendered, including generating superbills for insurance reimbursement.
For Healthcare Operations: We may use your PHI for quality assurance, training, licensing, and other internal operational purposes.
As Required by Law: We may disclose your PHI when required to do so by federal, state, or local law.
To Avert a Serious Threat: We may use and disclose your PHI when necessary to prevent a serious and imminent threat to your health or safety, or the health or safety of others.
Mandatory Reporting: We are required by law to report suspected child abuse or neglect, elder abuse, and certain other situations as mandated by Massachusetts law.
Judicial and Administrative Proceedings: We may disclose your PHI in response to a court order, subpoena, or other lawful process.
All other uses and disclosures of your PHI not described in this policy will be made only with your written authorization. You may revoke any authorization in writing at any time, except to the extent that we have already acted in reliance on your authorization.
---
13. CONTACT INFORMATION
If you have questions or concerns about this Privacy Policy, wish to exercise any of your rights, or need to make a privacy-related request, please contact us:
Dr. Sahra Kim, PsyD
Privacy Officer
Memory Gains
1172 Beacon Street, Suite 101
Newton, MA 02461
Phone: 617-249-4784
Email: kim@memory-gains.com
Website: www.memory-gains.com
Business Hours: Monday through Friday, 9:00 AM to 5:00 PM (Eastern Time)
To file a complaint with the U.S. Department of Health and Human Services (HHS):
Office for Civil Rights
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: www.hhs.gov/ocr/privacy/hipaa/complaints
---
14. UPDATES TO THIS POLICY
Memory Gains reserves the right to update or modify this Privacy Policy at any time. When changes are made:
- The "Last Updated" date at the top of this policy will be revised.
- If the changes are material, we will make reasonable efforts to notify you, such as posting a prominent notice on our website or, where appropriate, sending you a direct notification by email.
- Continued use of our website or services after the updated policy has been posted constitutes your acknowledgment of the changes.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
---
15. ADDITIONAL LEGAL INFORMATION
Massachusetts Law: This Privacy Policy is governed by the laws of the Commonwealth of Massachusetts. Memory Gains complies with all applicable Massachusetts privacy and data breach notification laws, including M.G.L. Chapter 93H regarding data security breaches.
Professional Licensing: Dr. Sahra Kim is a licensed psychologist in the Commonwealth of Massachusetts, subject to oversight by the Massachusetts Board of Registration of Psychologists.
Social Media: Memory Gains may maintain a presence on social media platforms. Please be aware that any information you share on public social media pages is not protected by this Privacy Policy. We advise against sharing personal health information through social media channels. Any interaction on social media does not establish a therapeutic relationship.
Telehealth: If services are provided via telehealth, additional privacy considerations may apply. Telehealth sessions are conducted using secure, HIPAA-compliant platforms. Information transmitted during telehealth sessions is subject to the same protections outlined in this policy.
Good Faith Estimate: Under the No Surprises Act, you have the right to receive a Good Faith Estimate of expected charges for services. For more information, visit www.cms.gov/nosurprises or call 800-985-3059.
Website Disclaimer: The content on www.memory-gains.com, including blog posts and resource articles, is provided for informational and educational purposes only and does not constitute professional psychological advice, diagnosis, or treatment. Visiting the website or reading its content does not establish a therapist-client relationship.
---
16. CONSENT
By using our website, submitting forms, or engaging our clinical services, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. For uses and disclosures of your Protected Health Information not covered by this policy or applicable law, we will obtain your written authorization before proceeding.
---
Thank you for trusting Memory Gains with your care. Your privacy is important to us, and we are committed to protecting your personal information.
Memory Gains
Dr. Sahra Kim, PsyD
1172 Beacon Street, Suite 101
Newton, MA 02461
Phone: 617-249-4784
Email: kim@memory-gains.com
www.memory-gains.com