Blog

Privacy and other issues with Hazel Health telehealth counseling in Chicago Public Schools

Illinois Families for Public Schools sent a letter to the Chicago Board of Education on May 5, 2025 with a list of concerns about privacy and other issues with a new telehealth program where mental health services are provided by for-profit company Hazel Health. IL-FPS urges the Board to answer the questions posed in the letter and revise the consent forms that parents agree to when they sign their student up for services.

The acute need for additional access to mental health services for the students of Chicago Public Schools should not require the young people receiving those services to waive their rights to privacy, nor have their personal information exploited commercially.

You can read the full letter here. The four primary concerns presented include:

  • Only one of two contracts with Hazel Health are available on the CPS website. The list of data collected that is included in one of the contracts does not appear to be complete; it does not list any medical information or video or audio data as being collected, which does not make sense given the nature of the services provided by Hazel Health. Under the Student Online Personal Protection Act, parents and the public should have access to a list of what information is being shared with a third-party company.
  • Pages on the Hazel Health website that parents are directed to include tracking by Amazon and Alphabet (Google’s parent company). This type of commercial surveillance, especially for a site providing mental health services, is not acceptable.
  • The terms in the consent/authorization form that parents agree to in order to sign students up for services are deeply problematic and conflict with state law and CPS policy. Among other things, parents agree that data shared with Hazel “may not be secure and may be illegally accessed by a third party” and that their child’s information can be used for commercial and research purposes.
  • Online job review sites report that caseloads for Hazel Health therapists may be up to ten clients per day or 35 clients per week. This raises issues about working conditions for clinicians and the impact of that on the students who are receiving services.

The questions for the Board posed in the letter are:

  1. What data elements of students’ covered information are being collected, transmitted and held by Hazel Health and its subcontractors?
  2. What student records and covered information generated in the course of receiving services from Hazel Health are shared back to CPS? Which CPS employees have access to them? Who determines this? How are these student records shared?
  3. How is confidentiality for students aged 12-17 years protected with respect to limitations on parental access?
  4. How many students does one therapist see per day and per week?
  5. How much time do therapists have to prepare for and respond to client sessions?
  6. What, if any, direct, real-time communication takes place between clinicians and school staff?

Illinois Families for Public Schools urges the Board to (i) provide families with answers to all the above questions, (ii) post any and all legal agreements between Hazel Health, United Healthcare (the funder of the current program) and the Chicago Board of Education publicly on the CPS website, (iii) revise and reissue any consent and policy documents that Hazel Health requires families to agree to in order to for children to access services, and, if needed, renegotiate any agreements with Hazel Health to ensure that no student information or records provided to or processed by them will be used for anything other than providing telehealth services.

New York City rolled out a telehealth mental health program last fall that was a contract between Talkspace and the city’s Department of Health that has been widely promoted by the NYC Department of Education for public school students there as well. It has had major privacy issues (see here and here) flagged by the Parent Coalition for Student Privacy and other privacy advocates. Ultimately, the contract between NYC and Talkspace was rewritten, but problems with tracking users on their website have yet to be resolved.

Blog

Background on need to strengthen NYC Chancellor’s regs on student privacy

Please read and sign our letter, already signed by several members of the Chancellor’s Data Privacy Working Group as well as education advocacy organizations and NYC Council Members, in opposition to the weakening of DOE’s student privacy protections in their proposed amendments to Chancellor’s regulation A-820. If you would like to sign on, please fill out this form.

These revisions would allow DOE to disclose a vast array of highly sensitive student data to any individual or business they please, including students’ and parents’ names, email addresses, cell phones, home addresses, photos, and more, as long as they believe it would benefit the DOE or the students involved, with only a highly unreliable parent opt out method to prevent this. The weakening of this regulation is up for a vote at the May 28 Panel for Educational Policy meeting, after the initial vote on this measure was delayed in October because of parent and advocate concerns and over 3,000 emails sent to the Chancellor and PEP members.  More background on this issue is below.

Blog

Risks of using AI in the classroom

April 8, 2025

The annual conference of Network for Public Education, on whose board I sit, was held last weekend in Columbus, Ohio.  It was terrific as usual, with wonderful speeches and incisive and illuminating workshops and panel discussions on how to strengthen our public schools and protect them from the depredations of budget cuts, privatization, and censorship.  We also heard from Gov. Tim Walz, who gave an impassioned speech against Trump’s attempt to dismantle our education system.  More about this here.

We also organized a workshop on the risks of using AI in the classroom, including the risks to student privacy, featuring our co-chair Cassie Creswell and  Peter Greene, education guru and blogger.

Our presentation is here and embedded below.  If your group would like a similar presentation, please email us at info@studentprivacymatters.org

thanks,

Leonie Haimson, co-chair, Parent Coalition for Student Privacy

AI for NPE final
Blog

Presentation to the Data Privacy Working Group on the problems with DOE’s proposed privacy regs as well as their overall privacy policies and practices

March 5, 2025

Today, the DOE Data Privacy Working Group met for the first time, appointed by Chancellor Ramos to strengthen  weaknesses in proposed revisions to Chancellors Regulations A 820 pertaining to student privacy, and the DOE’s overall data privacy policies and practices.

This meeting was very important, considering how over many years, DOE has long treated student personal data in an overly lax fashion, leading to numerous breaches and the sale and commercialization of their information – contrary to the state student privacy law, Ed Law 2D, passed in 2014.

Below is embedded our presentation to the Working Group, also post here in English and in Spanish..  It followed presentations  from Dennis Doyle, DOE’s chief privacy officer, Louise DeCandia, NYSED Chief Privacy Officer, and Naveed Hassan, a parent member of the PEP who is a technology expert.

Much thanks to Maggie Sanchez,  Co-founder of Protect NYC Special Education, for the Spanish translation!

Blog

Watch our new video about Talkspace continuing violations of NYC teen privacy

Please watch the brief video above about how the online mental health company Talkspace, which has a $26M contract with the NYC Department of Health, continues to share NYC teen data with ad trackers and social media companies — the very same companies NYC is suing for undermining their mental health. This is despite our repeated letters to the Department of Health, raising our privacy concerns starting last September.

Also, check out this recent piece in Gizmodo, that reports that now Seattle and Baltimore schools also have similar contracts with Talkspace to provide free mental health to teens, with likely similar data privacy violations.

Moreover, as the Gizmodo article revealed, Talkspace is now developing a “Personalized Podcast” created through AI, that harvests patients’ personal mental health info from their therapy sessions and feeds it back to them in the form of a sound file. One can only imagine the damage this could cause to vulnerable teens if someone got hold of the sound files on their phones or they themselves played them back inadvertently in public. Not even considering how the use of AI chatbots can itself be perilous, as shown by the recent lawsuit filed by parents who allege that a chatbot caused their son to commit suicide.

One clarification: though the Gizmodo article notes that after we brought attention to this issue, ad-trackers were removed from the NYC Teenspace landing page, we found many other pages on its website are still collecting and disclosing teens’ personal data,  as our video explains above, including the page featuring the new supposedly improved Teenspace Privacy Policy.  We wrote about our findings in our most recent letter sent to the NYC Department of Health more than a month ago, and yet have gotten no response.

Parents: If your child has visited the Teenspace website or has signed up for their services, please contact us at info@studentprivacymatters.org as soon as possible.