Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule

The HIPAA Privacy Rule was designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals and other health care providers. Developed by the Department of Health and Human Services, these standards provide patients more control over how their personal health information is used and disclosed. Pavana Treatment Group complies with all legal and regulatory requirements of federal, state, and local entities. Confidentiality laws, including 42 CFR Part 2 and HIPAA Privacy Rule regulate Pavana Treatment Group. Pavana Treatment Group will only disclose information after a patient has signed a consent form with narrow exceptions. 42 CFR Part 2 specifies information which must be included on Release of Information forms in order to permit such disclosure. Pavana Treatment Group will not re-disclose information obtained from another entity. In the event that a patient’s records are subpoenaed or court-ordered, Pavana Treatment staff must notify their supervisor immediately to determine an appropriate response in accordance with federal mandates.
Non-Disclosure PolicyThe protection of Pavana Treatment Groups’ and its patients’ confidential and proprietary information and trade secrets is vital to the well-being and success of Pavana Treatment Group. All Pavana Treatment staff agree to the following:
  • Not to disclose any confidential business information of Pavana Treatment Group to outside parties.
  • That the use of confidential business information shall be limited solely to the performance of their jobs at Pavana Treatment Group and that any other use is strictly prohibited.
  • To adhere to all state and federal laws, including but not limited to 42 CFR Part 2, HIPAA, The State Trade Secrets Act, and other state regulations related to patient confidentiality.
Pavana Treatment Group staff who improperly use or disclose trade secrets or confidential or proprietary information will be subject to disciplinary action, up to and including termination of employment and legal action, even if they do not actually benefit from the release of the disclosed information. The legal action could consist of civil and/or criminal action initiated by the Company, state or federal authorities, and/or impacted patient.