Privacy Policy

Effective Date: April 7, 2026

At Serenova Healthcare Consulting ("Serenova," "we," "us," or "our"), your privacy and the security of your practice data are our highest priorities. This Privacy Policy explains how we collect, use, and protect information when you visit our website or engage our consulting services.

1. HIPAA Compliance & PHI

As a healthcare management consulting firm, Serenova often operates as a **Business Associate** under the Health Insurance Portability and Accountability Act (HIPAA). In this capacity, we may handle Protected Health Information (PHI) on behalf of our clients (Covered Entities).

Business Associate Agreements (BAA)

We do not access, receive, or maintain PHI until a formal Business Associate Agreement has been executed between Serenova and the client. This agreement strictly governs our use and disclosure of PHI in accordance with federal law.

  • We implement rigorous administrative, technical, and physical safeguards.
  • Minimal Necessary Access: We only access the data required to perform our consulting duties.
  • We do not sell or lease any PHI or client data to third parties.

2. Information We Collect

We collect information in the following ways:

  • Direct Interactions: Information you provide when filling out forms, scheduling consultations, or contacting us via email.
  • Website Analytics: We use industry-standard tools to collect non-identifying information such as IP addresses, browser types, and page visit patterns to improve our user experience.
  • Consulting Engagements: Data provided by clients for operational analysis, which is handled under strict confidentiality and/or BAA protocols.

3. Use of Information

We use the information collected to:

  • Provide, maintain, and improve our consulting services.
  • Respond to inquiries and schedule professional consultations.
  • Analyze practice operations to provide strategic recommendations.
  • Comply with legal obligations and regulatory requirements.

4. Data Security

Serenova utilizes enterprise-grade security measures to protect your information from unauthorized access, alteration, or destruction. This includes encrypted communications (SSL/TLS), secure cloud storage, and strict internal access controls.

5. Your Rights

Depending on your location and the nature of our engagement, you may have rights regarding your personal data, including the right to access, correct, or request the deletion of your information. For inquiries regarding data handled under a BAA, please contact your practice administrator directly.

6. Contact Us

If you have questions about this Privacy Policy or our data handling practices, please contact our compliance team at:

Email: info@serenovahealthcareconsulting.com
Address: Serenova Healthcare Consulting