top of page

Privacy Policy

A legal disclaimer

IPAA-Sensitive Privacy Policy

NextPhase HR Consulting, LLC

​

NextPhase HR Consulting, LLC (“NextPhase HR,” “we,” “us,” or “our”) is committed to safeguarding the privacy, confidentiality, and security of sensitive personal, employee, and health-related information. This Privacy Policy outlines how we handle information, including Protected Health Information (“PHI”), in compliance with applicable privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), where applicable.

​

1. Scope of This Policy

​

This Privacy Policy applies to:

    •    Clients, employees, contractors, and business partners

    •    Individuals whose information is provided to us in the course of HR consulting services

    •    Website visitors and individuals who communicate with us electronically or in writing

​

2. Information We Collect

 

We may collect and process the following categories of information:

​

a. Personal and Business Information

    •    Name, contact details, job title, employer information

    •    HR inquiries, consultation details, and service-related communications

 

b. Sensitive Employee Information

    •    Workplace complaints or investigation details

    •    Employment records, disciplinary actions, and performance documentation

    •    Training participation and compliance records

​

c. Protected Health Information (PHI)

When services involve health-related workplace matters, accommodations, leave management, wellness initiatives, or investigations, we may receive limited PHI, including:

    •    Medical documentation related to accommodations or leave

    •    Health information relevant to workplace compliance

    •    Employee-provided medical certifications

 

PHI is collected only when necessary to provide contracted services and is handled in accordance with HIPAA standards.

​

3. How We Use Information

​

Information collected is used solely for legitimate business and consulting purposes, including:

    •    Providing HR consulting, compliance guidance, investigations, and training

    •    Supporting employer compliance with employment and privacy laws

    •    Communicating with authorized client representatives

    •    Maintaining required business and legal records

    •    Complying with federal, state, and local regulations

​

4. HIPAA Compliance and Safeguards

 

When acting as a Business Associate under HIPAA, NextPhase HR Consulting, LLC:

    •    Uses and discloses PHI only as permitted by law or client agreement

    •    Implements administrative, technical, and physical safeguards to protect PHI

    •    Limits access to PHI to authorized personnel with a business need

    •    Maintains confidentiality agreements with staff and contractors

    •    Reports any suspected breach of unsecured PHI in accordance with HIPAA requirements

​

5. Information Sharing and Disclosure

 

We do not sell or misuse personal or health-related information. Information may be disclosed only:

    •    To authorized client representatives

    •    To subcontractors or service providers under strict confidentiality obligations

    •    As required by law, court order, or regulatory authority

    •    To prevent or address fraud, security threats, or legal violations

 

PHI is never shared without proper authorization unless legally permitted or required.

​

6. Data Security Measures

 

We maintain reasonable safeguards to protect information, including:

    •    Secure electronic storage and password-protected systems

    •    Limited access controls

    •    Secure document handling and disposal practices

    •    Ongoing confidentiality training

 

Despite safeguards, no system can guarantee absolute security.

 

⸻

 

7. Confidentiality of HR Consulting Services

 

All client engagements, employee data, and workplace matters are treated as confidential. Information obtained through consulting services is used exclusively for delivering contracted services and is not disclosed outside authorized channels.

8. Individual Rights

​

Where applicable, individuals may have the right to:

    •    Request access to or correction of their personal information

    •    Request restrictions on the use or disclosure of PHI

    •    Request deletion of information, subject to legal, contractual, or regulatory requirements

 

Requests must be submitted in writing using the contact information below.

 

9. Website Cookies and Tracking

​

Our website may use cookies or analytics tools to enhance functionality. These tools do not intentionally collect PHI. Users may disable cookies through browser settings.

​

10. Policy Updates

​

We may update this Privacy Policy periodically. Changes will be posted with an updated effective date.

​

11. Contact Information

​

For questions regarding this Privacy Policy, HIPAA-related concerns, or data handling practices, contact:

​

NextPhase HR Consulting, LLC

Email: NextphaseHr@outlook.com

 

By engaging with NextPhase HR Consulting, LLC, you acknowledge and agree to the terms of this Privacy Policy.

​

​

bottom of page