Privacy Matters at Nirvana
March 23, 2023
At Nirvana, we build products that make accessing information on your mental healthcare benefits as simple as buying groceries. Our tools ensure that everyone who seeks this information can be informed of the true cost of mental health care services. We do this by tapping into difficult to access insurance information and making it easily accessible to our users through our calculator and API tools. Nirvana systems handle secure data due to the sensitive nature of the healthcare industry. Because mental wellness is a deeply personal experience we place client data and privacy as our top priority.
Our platform is completely HIPAA compliant. Per HIPAA statutes, our system only collects the minimum required data to support insurance operations, e.g., checking eligibility for filing claims, confirming claims statuses, etc. What’s more, Nirvana makes HIPPA compliance simple. The only thing providers need is a HIPAA compliant Electronic Health Records system (EHR) like SimplePractice or TherapyNotes. Nirvana does the rest to ensure security standards are met!
How Nirvana Complies with HIPAA
Nirvana complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in four key areas:
1. Uses and Disclosures of Patient Information
Nirvana has strict policies and procedures that govern how we use Protected Health Information (PHI). Nirvana also signs Business Associate Agreements with covered entities such as health insurers. These agreements protect client data by ensuring we never disclose more information than what is strictly necessary in our scope of work in accordance with HIPAA regulations.
2. Individual Rights Regarding Protected Health Information
Nirvana clients can request an accounting of any PHI disclosures we make while filing claims or in investigating coverage. Our dedicated Security Officer responds to any and all requests promptly.
3. HIPAA Privacy and Breach Notifications
If there is a breach of PHI, Nirvana’s Security Officer conducts an in depth investigation. We keep documentation about the investigation readily available for a minimum of six years.
Once the investigation is complete, Nirvana reports breach details to the United States Department of Health and Human Services and any relevant entity who signed the Business Associate Agreement.
4. Workforce Training
All full-time and part-time Nirvana team members undergo intensive HIPAA privacy and security training with a mandated review training every 12 months. Additionally, all team members must pass an in-depth background check and sign a HIPAA acknowledgement form before they start work. The acknowledgement form states that:
- Nirvana will make all efforts to protect the confidentiality of a client’s PHI.
- The employee has received HIPAA training.
- The employee has read Nirvana’s HIPAA policies and will follow them.
- The employee will attend future training as needed.
- The employee will report any HIPAA violations.
Will I know If You Access MyEHR Data?
Yes! We require that clients and/or their therapists provide consent before we review any client's data. We never read clinical notes for any patient, for any reason We only confirm if the notes exist for compliance purposes.
Why HIPAA Compliance Matters To Nirvana
- It is the gold standard for protecting patient privacy. It provides clear guidelines on how patient data may be used and when consent from the patient is required.
- It requires providers to use systems that have strong protections against data breaches. In the unlikely event of a data breach- HIPAA provisions give the provider the right to hold the systems vendor accountable.
- It enables secure data sharing among providers as well as their patient to support care delivery
Privacy and trust between a client and their provider is the cornerstone of mental healthcare. Nirvana is honored to be a trusted financial partner in this journey. Nirvana removes the headaches of accessing insurance benefits while ensuring that a client’s privacy is always protected so more people can seek the care they need with confidence and without financial anxiety.