1. Introduction

Solace Health Group (“we,” “our,” or “us”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with applicable privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

By using our services, visiting our website, or submitting your information via any of our forms (including those hosted on Jotform), you agree to the terms outlined in this Privacy Policy.

2. Information We Collect

We may collect the following categories of information:

a. Personal Identifiable Information (PII)

  • Name, address, phone number, email address

  • Date of birth

  • Emergency contact information

b. Protected Health Information (PHI) (as defined under HIPAA)

  • Medical history, substance use history, mental health information

  • Insurance details, including policy numbers

  • Treatment plans, progress notes, and other health-related documentation

c. Technical & Usage Information

  • IP address, browser type, and device information

  • Pages visited on our website and time spent

  • Referral source (how you found our website)

3. How We Collect Information

We collect information through:

  • Secure Online Forms (Jotform) – HIPAA-compliant platform used for intake forms, verification of benefits (VOB), and contact requests.

  • Phone Calls & Text Messaging – Recorded or documented for quality assurance and compliance.

  • Email Correspondence – Including attachments and follow-up communications.

  • In-Person Interactions – At consultations, interventions, or during service delivery.

4. HIPAA Compliance

We maintain full compliance with HIPAA privacy and security rules. This includes:

  • Limiting access to PHI only to authorized personnel.

  • Encrypting electronic PHI both in transit and at rest.

  • Storing physical records in locked, secure locations.

  • Training all employees and contractors on HIPAA requirements.

  • Executing Business Associate Agreements (BAAs) with all third-party vendors who may have access to PHI, including Jotform.

5. How We Use Your Information

We use your information to:

  • Provide addiction recovery and related support services.

  • Verify insurance eligibility and benefits.

  • Coordinate care with healthcare providers, treatment centers, and support services.

  • Contact you for scheduling, updates, or follow-up.

  • Send secure communications regarding your treatment plan.

  • Maintain business operations, including quality control and service improvements.

  • Comply with legal, regulatory, and contractual obligations.

6. Jotform Usage and Security

We use Jotform, a HIPAA-compliant online form platform, for collecting and processing sensitive information, including PHI.

  • Jotform encrypts form submissions in transit (SSL/TLS) and at rest.

  • PHI submitted through Jotform is stored securely on HIPAA-compliant servers.

  • Only authorized Solace Health Group staff can access form submissions, via secure logins and multi-factor authentication.

7. Sharing of Information

We do not sell your personal or health information.
We may share your information in the following limited situations:

  • With Your Authorization – When you provide written consent (e.g., Release of Information form).

  • For Treatment Purposes – Coordinating with providers, facilities, and other healthcare professionals involved in your care.

  • For Payment Purposes – Processing insurance claims, billing, and related administrative tasks.

  • For Healthcare Operations – Quality assurance, staff training, and compliance audits.

  • When Required by Law – Court orders, subpoenas, or mandated reporting situations (e.g., threats of harm, abuse reporting).

8. Your Rights Under HIPAA

You have the right to:

  • Access your PHI and request copies.

  • Request amendments to your PHI.

  • Receive an accounting of disclosures.

  • Request restrictions on the use or disclosure of your PHI.

  • Request confidential communications.

  • File a complaint without fear of retaliation.

9. Data Retention

We retain your PHI for a period required by federal and state law (generally 7 years from the last date of service). After this period, records are securely destroyed.

10. Data Security

We implement administrative, technical, and physical safeguards, including:

  • Encryption of data in transit and at rest.

  • Multi-factor authentication for system access.

  • Regular security audits and penetration testing.

  • Secure backup and disaster recovery systems.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal requirements or changes in our practices. Updated versions will be posted on our website with a revised “Effective Date.”

12. Contact Information

If you have questions about this Privacy Policy, HIPAA compliance, or how your data is handled, please contact:

Solace Health Group
Phone: +1-949-763-4717
Email: info@solacehealtgroup.com

You may also contact the U.S. Department of Health & Human Services, Office for Civil Rights, regarding HIPAA concerns.