HIPPA Compliance

Seven Reveries ("we," "our," or "us") is dedicated to protecting the privacy, security, and confidentiality of all client Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and applicable federal and state regulations.

This HIPAA Compliance Statement explains how we collect, use, store, and protect your health-related information, as well as your rights regarding your PHI. By using our website, scheduling an appointment, or receiving IV therapy services, you acknowledge and agree to the terms outlined in this policy.

PHI refers to any individually identifiable health information that is created, received, stored, or transmitted by Seven Reveries in relation to your healthcare services. This includes:

Your full name, address, phone number, and date of birth

Your medical history, treatment plans, and healthcare services received

Your insurance and billing details

Any other information that can be used to identify you in a medical or healthcare context

We are required by law to maintain the privacy of your PHI and to provide you with this statement outlining our legal duties and privacy practices.

For Treatment: We use PHI to provide IV therapy services, assess medical history, coordinate care, and ensure safe administration of treatments.

For Payment: We use PHI to process payments, verify insurance coverage, and manage billing for our services.

For Healthcare Operations: We use PHI to conduct quality assurance, staff training, compliance monitoring, and administrative record-keeping.

We may disclose PHI without your written consent in certain legally required situations, including:

Public Health Reporting: Reporting infectious diseases, adverse reactions, or product recalls to government authorities.

Legal and Regulatory Compliance: When required by law, court order, or subpoena.

Medical Emergencies: To prevent serious threats to health and safety.

Law Enforcement Requests: For criminal investigations, fraud prevention, or legal inquiries.

We will obtain your written authorization for any PHI disclosures not covered under permitted uses. Examples include:

Marketing or promotional communications involving PHI

Disclosure of PHI to third-party researchers

Sharing PHI with non-treatment/payment/operations entities

You may revoke your authorization at any time by submitting a written request to Seven Reveries.

You may request a copy of your medical records or treatment history. A reasonable fee may apply.

You may request corrections to inaccurate or incomplete PHI.

You may request limitations on how we use or share your PHI, subject to legal constraints.

You may request specific methods of communication (e.g., phone, email, mail) for receiving PHI.

You may request a list of non-routine PHI disclosures.

If you believe your HIPAA rights were violated, you may file a complaint with:

Seven Reveries’ Privacy Officer

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR)

We do not retaliate against individuals who file complaints.

HIPAA training for employees

Access controls for authorized personnel only

Documented policies for PHI handling and disposal

Locked file cabinets for paper records

Restricted areas for staff only

Encrypted digital PHI

Secure electronic health record (EHR) systems

Firewalls and access protocols

In case of a data breach, affected individuals will be notified per HIPAA’s Breach Notification Rule.

Seven Reveries may partner with business associates (e.g., payment processors, scheduling platforms) who handle PHI. All associates:

Must sign a Business Associate Agreement (BAA)

Are required to follow HIPAA-compliant protocols

Any unauthorized access, use, or disclosure of PHI that compromises privacy.

In the event of a breach, we will:

Investigate and assess the scope

Notify affected individuals within 60 days

Report to HHS as necessary

Take corrective actions

Notifications may be delivered by phone, email, or written notice.

We retain PHI and medical records for the legally mandated period, after which they are securely disposed of in accordance with HIPAA.

We may update this statement as laws or practices evolve. Changes will be posted on our website. Continued use of services implies acceptance of updates.

If you have questions, wish to exercise your rights, or need to file a complaint, contact:

Seven Reveries

email: info@reverisglobal.com