General information
JSA Mental Health Consultants provides educational services, staff training, student curricula, peer programs, postvention guidance, and compliance support related to suicide prevention and mental health awareness for schools serving students ages 10–18. Our programs are educational and preventive in nature and do not constitute clinical mental health treatment, counseling, diagnosis, or therapy.
Important Note on Applicability of HIPAA and FERPA

JSA Mental Health Consultants is generally not a HIPAA-covered entity. We do not provide direct healthcare services, bill health plans electronically for treatment, or maintain “protected health information” (PHI) as defined under HIPAA in the course of our standard educational offerings.

Student records created or maintained in connection with our school-based programs are typically considered education records subject to the Family Educational Rights and Privacy Act (FERPA) when maintained by or on behalf of the school. Schools remain primarily responsible for FERPA compliance.

However:
If any limited personally identifiable information (e.g., names, contact details for training attendance or compliance reporting) is collected, we treat it with the highest level of confidentiality. In rare cases where we might receive or create information that could qualify as PHI (e.g., during postvention consultation involving specific crisis details), we will apply HIPAA-like safeguards and enter into a Business Associate Agreement (BAA) with the school or district if required.

We comply with all applicable federal and state laws, including Mississippi Department of Education (MDE) and Department of Mental Health (DMH) requirements for suicide prevention training and data handling. This document serves as our Privacy Policy and outlines our internal HIPAA Protocol (for any potential covered activities). It should be provided to schools, districts, staff, parents, and participants as appropriate.

What Information We Collect
We may collect the following types of information in connection with our services:
  • Contact and Administrative Data: School/district name, administrator or staff names, email addresses, phone numbers, and training attendance records (for compliance reporting under the Jason Flatt Act and related Mississippi laws).
  • Aggregate/Anonymous Data: De-identified survey responses, participation metrics, or program outcome statistics to improve services and demonstrate compliance/impact (no individual student identifiers).
  • Limited Student-Level Data (with School Authorization): In voluntary programs (e.g., peer leader training or screening awareness), we may receive or handle student names or basic identifiers only as directed by the school and solely for educational purposes. No clinical notes, diagnoses, or treatment records are created or maintained by JSA.
  • Crisis/Postvention Information: High-level consultation details (without creating treatment records).
We do not collect, store, or transmit detailed mental health treatment records, psychotherapy notes, or billing-related health information.
How We Use and Disclose Information
Your information is used solely for:
  • Delivering and administering our educational programs and trainings.
  • Generating compliance reports for schools/districts (e.g., proof of staff training completion).
  • Improving our curricula and services (using de-identified data).
  • Responding to legal requirements or emergencies.
  • Permitted Disclosures (without additional authorization):

  • To the contracting school or district for their internal use and FERPA compliance.
  • To our own staff, trainers, or contractors who need access on a “minimum necessary” basis (all bound by confidentiality agreements).
  • In emergencies involving imminent harm to self or others (we will direct to 911, 988 Suicide & Crisis Lifeline, or appropriate school protocols).
  • As required by law (e.g., court order, mandatory reporting of child abuse/neglect).
  • De-identified/aggregated data for research, grant reporting, or marketing of our services.
We do not sell personal information, use it for marketing unrelated to our services, or share it with third parties except as described above or with explicit school/parental authorization where required.
HIPAA Protocol (If Applicable)
Although we are typically not a covered entity, JSA maintains the following safeguards to align with HIPAA best practices where any health-related information might be involved:
  • Privacy Officer: Dr. Jasmyn S. Allen is responsible for overseeing privacy practices and responding to inquiries.
  • Minimum Necessary Rule: Access to any identifiable information is limited to those who need it for their role.
  • Safeguards:
      Physical: Secure storage of any paper materials.
      Technical: Password-protected systems, encryption for electronic transmission when needed, secure digital platforms with access logs.
      Administrative: Annual staff training on confidentiality, signed confidentiality agreements, and sanctions for violations (up to termination).
  • Business Associate Agreements: We will sign BAAs with schools or other entities when acting in a capacity that could involve PHI.
  • Breach Notification: Any suspected breach of identifiable information will be investigated promptly. Affected parties (and, if applicable, HHS) will be notified as required by law.
  • Individual Rights: If we hold any PHI, individuals (or their parents/guardians for minors) may request access, amendment, or an accounting of disclosures, subject to legal limitations. Requests should be made in writing to the Privacy Officer.
Security Measures
  • All staff and trainers receive training on privacy and confidentiality upon hire and annually thereafter.
  • Data is stored on secure, access-controlled platforms.
  • We use encrypted email or secure portals for any sensitive communications.
  • Regular risk assessments and updates to security practices.
Rights of Schools, Staff, Students, and Parents
  • Access and Correction: Participation in student programs is voluntary; schools/parents can withdraw at any time (subject to contract terms).
  • Opt-Out/Withdrawal: We may disclose information if required by law, including:
  • Complaints: Concerns about privacy practices may be directed to our Privacy Officer or to the U.S. Department of Health and Human Services Office for Civil Rights (if HIPAA applies) or the U.S. Department of Education (for FERPA matters).
Retention and Destruction of Information
  • Administrative and compliance records are retained as required by contract or law (typically 3–7 years).
  • Identifiable information is securely deleted or destroyed when no longer needed.
  • Aggregate data may be retained indefinitely for program improvement.
Changes to This Policy
We may update this Privacy Policy and HIPAA Protocol as needed to reflect changes in services, laws, or practices. Updated versions will be posted on our website and provided to contracting schools. Continued use of our services after changes constitutes acceptance.
Contact Information
  • Privacy Officer: JSA Mental health Consultants / YouthSafe Education Services LLC
  • 1888 Main Street, Ste. C-130,Madison, MS 39110
  • jsamentalhealth@gmail.com
  • 601-642-6692
For immediate crisis support: Call 988 (Suicide & Crisis Lifeline), 911, or contact your school counselor/administrator.
Acknowledgment
By contracting with or participating in JSA Mental Health Consultants’ services, schools, staff, and participants acknowledge review of this policy and agree to its terms. Schools are responsible for obtaining any necessary parental consents or notifications under FERPA or state law.
This document is not legal advice. JSA strongly recommends that schools and districts consult their own legal counsel regarding FERPA, HIPAA, Mississippi-specific requirements (including DMH and MDE guidelines), and overall compliance for suicide prevention programs. We are happy to work with your legal team to customize agreements or BAAs as needed.