top of page

HIPAA Privacy Protection Notice

V2H Consolidated: Our Commitment to Privacy

V2H Consolidated is a dedicated medical courier service. In the course of providing secure and timely transportation of medical specimens, records, and equipment, we handle Protected Health Information (PHI) on behalf of our clients and their patients. As a business associate under the Health Insurance Portability and Accountability Act (HIPAA), we are committed to maintaining the privacy and security of all PHI entrusted to us, adhering strictly to the HIPAA Privacy Rule and Security Rule.

 

Our Responsibilities Under HIPAA

V2H Consolidated acknowledges its legal and ethical responsibilities to protect the privacy and confidentiality of PHI received from, or created on behalf of, our covered entity clients (e.g., hospitals, clinics, laboratories).

 

1. Protection of PHI

  • Safeguards: We implement administrative, physical, and technical safeguards to prevent the unauthorized use or disclosure of PHI. This includes secure, tracked transportation methods, strict access controls to any data we handle, and robust internal policies.

  • Minimum Necessary: We limit the use and disclosure of PHI to the minimum necessary amount required to perform our courier services and comply with legal obligations.

  • Internal Policies: All V2H Consolidated personnel undergo regular training on HIPAA requirements, privacy protocols, and security procedures. Staff are required to adhere to strict confidentiality agreements.

 

2. Permitted and Required Uses and Disclosures

V2H Consolidated will only use or disclose PHI as permitted or required by our Business Associate Agreements (BAAs) with our covered entity clients or as required by law.

 

  • Services: We use PHI (such as patient names, delivery addresses, and manifest details) only to the extent necessary to perform the contracted services, including pickup, transport, tracking, and delivery of medical items and related documentation.

  • Required by Law: We will disclose PHI when required by federal, state, or local law, or in response to a valid court order or subpoena.

  • Public Health and Safety: We may disclose PHI for certain public health activities or to avert a serious threat to health or safety, as permitted by HIPAA.

 

3. Reporting and Mitigation of Breaches

  • Reporting: V2H Consolidated is required to report to the covered entity client any suspected or confirmed breach of unsecured PHI immediately, but in no event later than 60 calendar days after discovery.

  • Mitigation: We will take prompt and reasonable steps to mitigate the harmful effects of any unauthorized use or disclosure of PHI and prevent future occurrences.

 

4. Patient and Client Rights

Since V2H Consolidated acts as a business associate, patient rights concerning access, amendment, and accounting of disclosures of their PHI must be exercised directly through the covered entity (your healthcare provider or partner). We will, however, cooperate fully with our covered entity clients to help them fulfill their obligations to their patients regarding these rights, as specified in our BAA.

 

Contact Information

For questions regarding V2H Consolidated's compliance with HIPAA or our privacy practices, please contact our HIPAA Compliance Officer:

 

HIPAA Compliance Officer: Danielle Petty

Email: info@v2hconsolidated.com

This notice is provided to fulfill V2H Consolidated’s obligations as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). Please note that this notice describes V2H Consolidated’s obligations to its clients and partners; individual patients should refer to the Privacy Practices Notice provided by their healthcare provider (the Covered Entity).

bottom of page