InSight + Regroup / Inpathy Privacy Policy

Except as provided in this Privacy Policy, your personally identifiable information (“PII”), protected health information (“PHI”), and protected financial information (“PFI”) will not be shared or distributed with any third party entity or organization.   Capitalized terms used herein and not otherwise defined shall have the meaning ascribed to them in the Inpathy Terms and Conditions of Service (“Terms and Conditions”).


For purposes of this document, PII means personally identifiable information of a User and may include a User’s first and last name, address, telephone number, email address, social security number, date of birth, credit card number, billing address, expiration date, and security code, and any other bank account or financial information provided by a User to InSight + Regroup.


For purposes of this document, PHI means medical and mental health information, history and records that You, your Provider, the Organization or Facilitator provides to us.


For purposes of this document, PFI means personal financial information as defined by the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA).

Children’s Online Privacy Protection Act

InSight + Regroup complies with the Children’s Online Privacy Protection Act of 1998 (“COPPA”).

COPPA requires that service providers never knowingly request, collect, store or use personally identifiable information from anyone under the age of 13 without first obtaining verifiable parental consent. In accordance with COPPA, before a User under the age of 13 commences use of the Inpathy Service or otherwise provides Inpathy with such User’s PII or PHI, we require permission from such User’s parent or legal guardian (a “Parent”) to do so, as set forth below.

Verifiable Parental Consent

Before a User under the age of 13 can use the Inpathy Service or otherwise submit PII, PFI or PHI to InSight + Regroup via the Website or otherwise, he or she must have his or her Parent contact InSight + Regroup via the contact information below. Such Parent must provide InSight + Regroup with an email electronically signed by that Parent that includes (i) the Parent’s and child User’s full names; (ii) a sentence confirming such Parent’s consent for InSight + Regroup to collect, store and use the PII, PFI and PHI of such Parent’s child User in connection with this Privacy Policy; (iii) a sentence confirming that such Parent agrees to be bound by the Terms and Conditions on Parent’s or his or her child User’s behalf; and (iv) a scanned image of such Parent’s driver’s license or other government-issued identification. InSight + Regroup will then verify such Parent’s identity by checking the government-issued identification against databases of such information and, upon confirmation, will send the Parent and the child User an email advising such entities that the child User may use Inpathy in accordance with the Terms and Conditions. InSight + Regroup will then promptly delete the Parent’s license or government-issued identification information.

Alternatively, a Parent may call the toll free number below to schedule a videoconferencing appointment with a trained InSight + Regroup representative to offer verifiable parental consent.

InSight + Regroup Contact Information

Please send all requests for Parental Consent to:

InSight + Regroup
1120 Rt 73, Suite 300
Mount Laurel, NJ 08054
1.800.442.8938, option 4

Disclosure Practices

InSight + Regroup does not make the PII, PFI, or PHI of its Users (including child Users) available to the general public. However, such information is made available and disclosed to such child User’s Provider (including, as applicable, InSight + Regroup Provided Professionals, and InSight + Regroup’s cloud provider, Mahler Health PM,) as set forth in this Privacy Policy. Such entities are required, via agreement with InSight + Regroup, to keep User’s PII, PFI and PHI confidential and not to disclose the same. The disclosure of PII (including child User PII) to these entities is integral to the service. InSight + Regroup uses such child User PII, PFI, and PHI solely to provide the Inpathy Service and to facilitate the mental health treatment of such child User’s Provider and/or associated Organization. InSight + Regroup does not otherwise sell, transfer, disclose or distribute child User PII, PFI, and/or PHI to any other person or entity.

Parental Review and Access

A Parent may review the PII InSight + Regroup collects from that Parent’s child User and, upon request, may require InSight + Regroup to delete such PII from InSight + Regroup’s and its affiliates records and servers or otherwise correct such PII. A Parent may also contact InSight + Regroup to request that InSight + Regroup and its affiliates cease further collection or use of such Parent’s child User’s PII. To do so, please contact InSight + Regroup by mailing a request using the contact information provided below.

Retention of Information

InSight + Regroup and its affiliates will only retain a child User’s PII for as long as is necessary to allow the child User to use the Service or to otherwise comply with state, local and federal law. InSight + Regroup will use commercially reasonable efforts to delete a child User’s PII as promptly as possible after a child User has ceased use of the Service or upon request by a child User’s Parent.

General Provisions

What PII, PFI and PHI does InSight + Regroup collect?

Certain of the information and content provided by InSight + Regroup on the Website or through the Service is available without InSight + Regroup collecting any PII, PFI or PHI. However, in using and viewing the Website or the Service, or in otherwise providing your PII or PHI to InSight + Regroup or through the Service, you understand and agree that InSight + Regroup and its affiliates may use your PII and PHI subject to the terms of this Privacy Policy and applicable law. InSight + Regroup may require the collection of financial information including credit card information, insurance information or other information relating to payment or eligibility of services requested

InSight + Regroup may collect the following PII, PFI or PHI in connection with the Website or the provision of the Service:

1. Name

2. Address

3. Social Security Number

4. Phone Number

5. Medical History / Current Ailments

6. Physician Information

7. Email address

8. Financial or payment information including credit card information

9. Prescriptions

10. Diagnoses

11. Credit card information, insurance information or other information relating to payment

12. Other medical or clinically related information customarily included within a medical record

When does InSight + Regroup collect PII or PHI?

Except as otherwise provided herein, InSight  + Regroup or its affiliates only collect PII or PHI that you provide voluntarily through the Website, the Service or to an employee, representative or agent of InSight + Regroup or its affiliates. Some examples of times when InSight + Regroup or its affiliates collect PII or PHI include when you:

  • Create a User Account;
  • Transmit PII or PHI through the Inpathy Service;
  • Provide PII or PHI to your Provider, Facilitator or Organization and such Provider, Facilitator or Organization inputs such information via the Inpathy Service;
  • Send an email to InSight + Regroup or otherwise contact InSight + Regroup or its employees, agents or representatives via the Website, the Service or otherwise;
  • otherwise directly provide InSight + Regroup with PII or PHI; or

How does InSight + Regroup use your PII, PFI and PHI?

InSight + Regroup uses your PII, PFI and PHI for the following purposes:

  • To respond to your emails or inquiries sent to InSight + Regroup, its representatives, agents, or employees;
  • To conduct a transaction that you have authorized, such as the transfer of funds in connection with a subscription to the Inpathy Service;
  • To provide you with information about InSight + Regroup and its products and services;
  • To alert you to special events, volunteer opportunities, updated information and other news and information from InSight + Regroup;
  • To provide your Facilitator, Organization and/or Provider with access to your PII and/or PHI via the Inpathy Service; and

In addition, InSight + Regroup may hire other companies to perform services on its behalf such as operating certain aspects of the Website or the Service or sending you email. These other companies may be supplied with or have access to your PII, PFI or PHI for the sole purpose of providing these services to InSight + Regroup or on InSight + Regroup’s behalf. We require these companies to protect and safeguard your PII, PFI and PHI to the same extent as we do.

How does InSight + Regroup disclose your PII?

Though we will make commercially reasonable efforts to preserve User privacy and to protect PII, we may need to disclose PII when required by law or if we have a good-faith belief that the action is necessary to comply with a pending judicial proceeding, a court order or legal process served on InSight + Regroup or to protect InSight + Regroup’s rights or the rights of others, to fight fraud, identity theft, to ensure the integrity and operation of InSight + Regroup’s business and systems, or to protect the rights, property or safety of InSight + Regroup, its employees or others.

How does InSight + Regroup disclose your PHI?

Because we are a business associate of a number of health care providers, we are required to comply with many of the privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996, as amended, (“HIPAA”). We protect your PHI as required by HIPAA and will only disclose PHI in one of the following situations:

  • We receive your prior authorization.
  • We are required by law to disclose the information.
  • The disclosure is permitted by HIPAA.

How We Share Your Information

We will not disclose your PII, PFI or PHI to others without your permission, except as provided in this Privacy Policy.

Aggregate Information

On an aggregate basis only, we may collect comprehensive demographic and other non-identifying information about users of the Website and the Service. InSight + Regroup will never disclose any PII, PFI, or PHI as part of this aggregate information but we may lend, sell, share or otherwise disclose aggregate information with others so we can perform research and provide the results to third parties, enhance and market the Website and/or the Service, and conduct accounting and process record keeping functions.

Data Security

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of PII, PFI and PHI, we have put in place or made our best efforts to ensure the existence of reasonable, industry-standard physical, electronic, and administrative procedures to safeguard and secure the PHI, PFI and PII we collect and store online and to protect the loss, misuse, and alteration of the PHI, PFI and PII under our control. We comply with the HIPAA security and privacy requirements with respect to safeguarding and securing your PHI and have implemented such safeguards as data encryption, and encrypted authentication. Unfortunately, no data transmission over the Internet can be guaranteed to be absolutely secure. As a result, while we strive to protect your PII, PFI and PHI, we cannot ensure or warrant the security of any information you transmit to us, if your website access credentials have been compromised due to no fault of InSight + Regroup or its associated providers. If InSight + Regroup provides you with a user name and password to access the Website, we disclaim any responsibility for a breach of privacy as a result of your knowing, willing, negligent, or inadvertent disclosure of your user name and password to anyone other than a Facilitator using Inpathy on your behalf.

Other Websites and Links

On InSight+ Regroup’s Website, through the Service or in correspondence sent to you by InSight + Regroup, InSight + Regroup may include links to other websites that it thinks will be of interest to you or that are operated by our business partners, affiliates, advertisers, and others. These third parties have separate data collection and privacy practices independent from InSight + Regroup’s and InSight + Regroup cannot be responsible for their policies or activities. Please contact those third parties directly if you have questions about their privacy policies.

Cookies, Web Beacons, Clear Gifs, and IP Addresses

InSight + Regroup may also use a feature of your browser called a “cookie.” Your cookie automatically identifies your computer – but not you – to our servers when you visit the Website and allows us to correlate your computer with certain usage patterns which may be stored in our log files. We use cookies to gather general, aggregate statistics about the overall popularity and usage of the Website and/or the Service. InSight + Regroup also uses more temporary cookies, often referred to as session cookies, to keep a User logged into the system and aid in the exchange of information between pages without loss of data. Such a cookie, however, is only stored for the current browsing session and is deleted once the browser is closed. InSight + Regroup can also only read cookies from the Website. Search for Cookies under your Web browser’s Help menu for more information on cookie management features available to you. If your browser is set to reject all cookies, the Website may not function properly.

Additionally, we may use IP address information to count and track aggregate visits to the Website or the Service, to help diagnose problems with our or Mahler Health PM’s servers, and to administer the Website or the Service. InSight + Regroup does not link IP addresses to anything identifying a specific person, so while a particular user’s session can be tracked, the user remains completely anonymous.

Moreover, InSight + Regroup may collect information through the use of clear gifs (also called Web Beacons and Web Bugs) in selected email messages we send to you. These are tiny graphic files, not visible to the human eye, that are included in HTML-based emails and used to let us know which emails we send are opened. Clear gifs may also see or read cookies on your computer. When authorized by InSight + Regroup, third parties specializing in monitoring aggregate statistical use of our site with whom we contract, may use cookies, our web log files, web beacons, and other monitoring technologies to compile anonymous aggregate data.

Changes to this Privacy Policy

We encourage you to review our Privacy Policy not just the first time you visit the Website but periodically afterwards since we may modify our Privacy Policy from time to time. The date of the last update of the Privacy Policy will always be posted below:


If we make any substantive changes to our Privacy Policy in the future with regard to how we use your PII, PFI or PHI, we will incorporate those changes here. Your continued use of the Website or the Service after the changes are posted constitutes your agreement to the changes, both with regard to information we have previously collected from you and with regard to information we collect from you in the future. If you do not agree to the changes, please immediately discontinue use of the Website or the Service.

Merger or Sale

If InSight + Regroup is sold or merged with another company, your PII, PFI and PHI may be included as part of the sale. Unless you are notified otherwise, such other company will maintain your PII, PFI and PHI in the same manner as set forth herein.

International Users

Like almost every website, the Site is accessible around the world. By visiting the Site and providing your information, you acknowledge and agree that your PII, PFI and PHI can be stored for the purposes identified in this Privacy Policy. We process and store your information in North America, and your information may be stored on servers located outside your residential jurisdiction and which may have less stringent privacy practices than your own. If you access the Site from outside the United States or conduct sessions with us in any manner, your usage of the Site constitutes consent to the transfer of your data outside of your country and to North America.

Your California Privacy Rights

California Civil Code Section 1798.83 permits customers of InSight + Regroup who are California residents to request certain information regarding its disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us via the contact information below.

Contacting Us

Please feel free to share any comments and concerns with us. If you have any questions about this Privacy Policy or the practices of the Website or the Service, or otherwise wish to contact us in connection with this Privacy Policy please contact us at:

InSight + Regroup
1120 Rt 73, Suite 300
Mount Laurel, NJ 08054

*may be used for parental inquiries