Privacy Policy

OnVerra Health LLC ("OnVerra Health," "we," "us," or "our") is committed to protecting the privacy of our clients, employees, applicants, and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

1. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide, including but not limited to:

• Name, date of birth, and contact information (phone, email, address)
• Emergency contact information
• Insurance and payment information
• Employment application details (work history, certifications, references)
• Information submitted through our website contact form or care inquiry form

Protected Health Information (PHI)

As a licensed home health care service firm, we collect and maintain health-related information necessary to provide care, including medical history, care plans, physician orders, and visit records. The use and disclosure of PHI is governed by the Health Insurance Portability and Accountability Act (HIPAA) and our Notice of Privacy Practices, which is provided to all clients at intake.

Website Information

When you visit our website, we may automatically collect technical information such as your browser type, IP address, and pages visited. We do not use tracking cookies for advertising purposes.

2. How We Use Your Information

We use the information we collect to:

• Provide, coordinate, and manage home health care services
• Process employment applications and manage employee records
• Respond to inquiries submitted through our website
• Comply with New Jersey state regulations (N.J.A.C. 13:45B) and CHAP accreditation standards
• Send appointment reminders, care notifications, and operational communications
• Process billing and insurance verification
• Conduct quality assurance and performance improvement (QAPI) activities
• Fulfill legal and regulatory obligations

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

• For treatment, payment, and health care operations as permitted by HIPAA
• With your physicians and other health care providers involved in your care
• With insurance companies and payers for billing and authorization purposes
• With regulatory agencies as required by New Jersey law (NJ Division of Consumer Affairs, Department of Health)
• With CHAP accreditation surveyors during quality review site visits
• With service providers who assist our operations (e.g., email delivery, cloud hosting) under business associate agreements
• As required by law in response to court orders, subpoenas, or legal process

4. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including:

• Encrypted data transmission (SSL/TLS) for all website communications
• Role-based access controls limiting data access to authorized personnel
• Automatic session timeouts on authenticated systems
• Regular security assessments and audit logging
• HIPAA-compliant cloud infrastructure with point-in-time recovery backups

While we strive to protect your information, no electronic transmission or storage method is 100% secure. If you believe your information has been compromised, please contact us immediately.

5. Your Rights

You have the right to:

• Request access to the personal information we hold about you
• Request correction of inaccurate information
• Request restrictions on certain uses of your health information
• Receive an accounting of disclosures of your health information
• File a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated

For HIPAA-related rights, please refer to our Notice of Privacy Practices provided at intake.

6. Data Retention

We retain personal and health information in accordance with New Jersey regulations, which require home health care records to be maintained for a minimum of 10 years. Employment records are retained as required by applicable federal and state employment laws. Website inquiry data is retained for up to 2 years.

6.5 New Jersey Data Privacy Act (NJDPA) Rights

Under the New Jersey Data Privacy Act (N.J.S.A. 56:8-166.4 et seq.), New Jersey residents may exercise the following rights with respect to non-medical personal information OnVerra Health collects through our website, marketing channels, and employment-application surfaces:

• Right to delete — request removal of your personal information.
• Right to access (export) — request a copy of the personal information we hold about you.
• Right to correct — request correction of inaccurate personal information.

HIPAA exemption (A5017). The NJDPA does not apply to Protected Health Information (PHI) handled by OnVerra Health under HIPAA. Requests about patient records, care plans, visit notes, billing for services rendered, or employee medical files are handled through our HIPAA Notice of Privacy Practices, not through the NJDPA channel below.

We will respond to verifiable NJDPA requests within 45 days of receipt (N.J.S.A. 56:8-166.10(c)). If we need additional time, we will notify you in writing.

7. Children's Privacy

Our website is not directed to children under 13. We do not knowingly collect personal information from children under 13 through our website. If we provide home health care services to minors, information is collected from and managed by their parent or legal guardian.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

9. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us: