Privacy Policy

Black River Nurse Consulting
A Division of Black River Customs, LLC
Effective Date: January 1, 2026

Black River Nurse Consulting (“Company,” “we,” “our,” or “us”) is committed to protecting the privacy, confidentiality, and security of personal and health-related information in accordance with applicable federal and Wisconsin law.

This Privacy Policy describes how we collect, use, disclose, safeguard, and retain information obtained through www.blackrivercustomsll.org (the “Website”) and through our consulting services.

By accessing the Website or engaging our services, you acknowledge and agree to the practices described herein.

1. Scope of This Policy

This Policy applies to information collected:

  • Through our Website;

  • Through electronic communications (email, contact forms, scheduling platforms);

  • During consultations and service interactions;

  • Through third-party vendors performing services on our behalf.

This Policy is intended to address privacy obligations under:

  • The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), where applicable;

  • The Health Information Technology for Economic and Clinical Health Act (“HITECH Act”);

  • Applicable Wisconsin privacy and health confidentiality laws, including Wisconsin Statutes Chapter 146 (Patient Health Care Records).

2. Nature of Services and HIPAA Status

Black River Nurse Consulting provides educational and consultative services. Services do not constitute medical diagnosis, treatment, or the establishment of a nurse–patient or provider–patient relationship unless expressly agreed in writing.

Depending on the nature of services provided, the Company may or may not qualify as a “Covered Entity” or “Business Associate” under HIPAA.

If we function in a capacity that involves the receipt, maintenance, or transmission of Protected Health Information (“PHI”) on behalf of a Covered Entity, we will comply with applicable HIPAA Privacy, Security, and Breach Notification Rules and execute Business Associate Agreements as required.

If services are strictly educational or consultative and no formal healthcare relationship exists, information shared may not constitute PHI under HIPAA, though it will still be treated with professional confidentiality and reasonable safeguards.

3. Information We Collect

A. Personal Information

We may collect:

  • Full name

  • Email address

  • Telephone number

  • Mailing address

  • Billing information

  • Communications submitted through forms or email

B. Health-Related Information

During consultations, you may voluntarily disclose health-related information. Depending on context, this may include:

  • Medical history

  • Current conditions

  • Medication information

  • Healthcare documentation

  • Other individually identifiable health information

When such information qualifies as Protected Health Information (PHI), it will be handled in accordance with HIPAA requirements where applicable.

C. Automatically Collected Information

When visiting the Website, we may collect:

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and usage data

  • Cookies and analytics data

This technical information does not typically constitute PHI.

4. Lawful Basis for Processing

We process information based on:

  • Your consent;

  • Performance of a service agreement;

  • Compliance with legal and regulatory obligations;

  • Legitimate business interests, including recordkeeping and service improvement.

5. Use of Information

We may use personal and health-related information to:

  • Provide and coordinate consulting services;

  • Communicate regarding appointments or services;

  • Maintain business and financial records;

  • Comply with federal and Wisconsin legal obligations;

  • Improve operational efficiency and website performance;

  • Protect against fraud, misuse, or unauthorized access.

We do not sell or rent personal or health-related information.

6. Disclosure of Information

We may disclose information:

  • To third-party service providers (e.g., secure scheduling, payment processors, IT providers) under confidentiality obligations;

  • To Covered Entities pursuant to a Business Associate Agreement, where applicable;

  • As required by law, subpoena, court order, or Wisconsin mandatory reporting requirements;

  • To prevent serious threats to health or safety, consistent with HIPAA and Wisconsin law;

  • In connection with a lawful business transfer.

Disclosures of PHI, where applicable, will comply with HIPAA and Wisconsin Stat. § 146.82 governing patient health care records.

7. Data Security

We implement reasonable administrative, physical, and technical safeguards consistent with HIPAA Security Rule standards where applicable, including:

  • Secure communication platforms where feasible;

  • Limited access to sensitive information;

  • Password-protected systems;

  • Vendor agreements addressing data protection.

However, no electronic transmission or storage system is entirely secure. The Company disclaims liability for unauthorized access beyond its reasonable control.

8. Electronic Communications

Email and website submissions may not be fully secure. By communicating electronically, you acknowledge and accept the inherent risks of electronic transmission.

If you prefer alternative communication methods, please contact us directly to discuss secure options.

9. Data Retention

Information is retained only as long as necessary to:

  • Fulfill the purposes described in this Policy;

  • Meet federal and Wisconsin record retention requirements;

  • Resolve disputes and enforce agreements.

When PHI is retained, it will be maintained in accordance with applicable legal retention obligations.

10. Your Privacy Rights

Subject to applicable law, you may have the right to:

  • Request access to information maintained about you;

  • Request correction of inaccurate information;

  • Request limitations on certain uses or disclosures (where applicable under HIPAA);

  • Request deletion of information not subject to mandatory retention;

  • Receive an accounting of disclosures, where required by law.

Requests must be submitted in writing to:
theblackriver.customs@gmail.com

We reserve the right to verify identity before processing requests.

11. Breach Notification

In the event of a breach of unsecured Protected Health Information, and where HIPAA applies, we will provide notification consistent with HIPAA Breach Notification Rule requirements and applicable Wisconsin law.

12. Children’s Privacy

The Website is not directed to individuals under 13 years of age. We do not knowingly collect personal information from children without appropriate consent.

13. Changes to This Policy

We reserve the right to modify this Privacy Policy at any time. Changes will be posted with a revised Effective Date. Continued use of services constitutes acceptance of any revisions.

14. Contact Information

Black River Nurse Consulting
Email: theblackriver.customs@gmail.com
Website: www.blackrivercustomsll.org