+1 301-501-5779

7310 Ritchie Hwy., Suite 519, Glen Burnie, MD 21061

BOOK AN APPOINTMENT

Privacy Policy

MedHaven Health Privacy Policy

Effective Date: 02/06/2022
Last Updated: 02/16/2026

MedHaven Health: (“MedHaven Health,” “we,” “our,” or “us”) is committed to protecting the privacy and security of our patients’ personal and health information. This Privacy Policy describes how we collect, use, protect, and disclose your information, including Protected Health Information (PHI), and how we ensure compliance with applicable federal and state privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA).

Information We Collect

We may collect the following types of information:
Personal Information

  • Full name
  • Date of birth
  • Address
  • Phone number
  • Email address
  • Emergency contact information

Health Information (Protected Health Information – PHI)

  • Medical history
  • Diagnosis and treatment information
  • Medication lists
  • Laboratory results
  • Insurance information
  • Provider notes and clinical documentation

Technical Information

  • IP address
  • Browser type
  • Device information
  • Portal usage and login activity

This information may be collected through in-person visits, our website, patient portal, telehealth services, electronic intake forms, and communication systems.

How We Use Your Information

We use your information for the following purposes:

  • Providing medical care and treatment
  • Scheduling appointments and managing patient records
  • Processing billing and insurance claims
  • Communicating with you regarding your care
  • Improving healthcare services and operations
  • Meeting legal and regulatory requirements

We do not sell or rent your personal or medical information.

Protection of Your Information

MedHaven Health uses Tebra-EHR, a renowned EHR company that uses google cloud for its infrastructure. This means it meets all administrative, technical, and physical safeguards requirements to protect your personal and health information, including:

  • Encryption of data in transit and at rest
  • Secure login authentication and access controls
  • Role-based access to electronic health records
  • Continuous monitoring and security audits
  • Secure network infrastructure and firewalls
  • Automatic data backup and recovery systems

Access to patient information is limited only to authorized personnel who require it to perform their job functions.

Use of Secure Cloud Systems

MedHaven Health utilizes secure, HIPAA-compliant cloud-based systems to store and manage patient information. These systems provide:

  • End-to-end encryption
  • Secure data storage and redundancy
  • Access control and authentication protocols
  • Audit logs to track access and changes
  • Continuous security monitoring

All cloud service providers used by MedHaven Health enter into Business Associate Agreements (BAAs) as required under HIPAA to ensure proper handling and protection of Protected Health Information.

Compliance with Privacy Laws and Regulations

MedHaven Health operates in full compliance with applicable federal and state privacy laws and regulations, including but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Maryland state privacy and medical record protection laws

To ensure compliance, MedHaven Health implements:

  • Written privacy and security policies
  • Regular staff training on HIPAA and data privacy
  • Access monitoring and audit controls
  • Breach detection and incident response procedures
  • Risk assessments and security reviews
  • Secure electronic health record (EHR) systems

We continuously review and update our policies and procedures to maintain compliance with evolving legal and regulatory standards.

How We Share Information

We may share your information only as permitted or required by law, including:

  • With healthcare providers involved in your treatment
  • With insurance companies for billing purposes
  • With laboratories and diagnostic service providers
  • When required by law, court order, or public health authorities
  • With authorized business associates who support our operations

All third parties receiving Protected Health Information are required to maintain confidentiality and security.

Patient Rights

You have the following rights regarding your health information:

  • Right to access your medical records
  • Right to request corrections to your records
  • Right to request restrictions on certain disclosures
  • Right to request confidential communications
  • Right to receive an accounting of disclosures
  • Right to file a complaint if you believe your privacy rights have been violated

Requests may be submitted in writing to our office.

Data Retention

MedHaven Health retains patient records in accordance with applicable federal and Maryland state laws and medical record retention requirements. When records are no longer required, they are securely destroyed.

Website and Portal Security

Our website and patient portal use secure encryption (HTTPS) and authentication protocols to protect your information. Users are responsible for maintaining the confidentiality of their login credentials.

Breach Notification

In the event of a data breach involving your Protected Health Information, MedHaven Health will notify affected individuals and regulatory authorities in accordance with HIPAA and applicable laws.

Contact Information

If you have questions about this Privacy Policy or your privacy rights, please contact:
MedHaven Health
7310 Ritchie Hwy. Suite 519
Glen Burnie, Maryland
Phone: 301-501-5779

Changes to This Policy

MedHaven Health reserves the right to update this Privacy Policy at any time. Updated versions will be posted on our website with an effective date.