Privacy Policy & Notice of Privacy Practices
(HIPAA-Compliant)
The Pearl Institute
Effective Date: 1/1/2022
Last Updated: 3/3/2026
1. ORGANIZATION INFORMATION
The Pearl Institute is a North Carolina-based 501(c)(3) nonprofit organization.
Mailing Address: PO Box 1016, Waynesville, North Carolina 28786
Website: www.pearlpsychedelicinstitute.org
Phone: [Insert Phone Number]
Privacy Contact Email: [Insert Email]
This document combines our Website Privacy Policy and our HIPAA Notice of Privacy Practices (NPP).
2. OUR LEGAL DUTIES
We are required by law to maintain the privacy of Protected Health Information (PHI), provide individuals with notice of our legal duties and privacy practices, and abide by the terms of this Notice currently in effect.
3. INFORMATION WE COLLECT
A. Website Information: Name, email address, phone number, appointment inquiries, insurance details (if submitted), IP address, browser type, device type, and website usage data.
B. Protected Health Information (PHI): Medical and mental health history, clinical documentation, treatment plans, medication records, billing records, and other information necessary for treatment, payment, and healthcare operations.
4. PERMITTED USES AND DISCLOSURES OF PHI
We may use and disclose PHI without written authorization for:
• Treatment – coordination of care with providers
• Payment – billing and insurance processing
• Healthcare Operations – quality assessment, compliance, auditing
• Public Health Activities – reporting as required by law
• Health Oversight Activities – regulatory audits and investigations
• Judicial and Administrative Proceedings – when legally required
• Law Enforcement Purposes – as permitted by law
• To Avert Serious Threat to Health or Safety
• Workers’ Compensation claims where applicable
All other uses require written authorization.
5. TELEHEALTH SERVICES
Telehealth services are delivered using HIPAA-compliant platforms. Safeguards include encrypted communication, secure electronic medical records, role-based access controls, and Business Associate Agreements (BAAs) with vendors. Services are provided only where providers are licensed or authorized to practice. No prescription medication is issued without proper clinical evaluation and an established provider-patient relationship.
6. ESKETAMINE (SPRAVATO®) REMS COMPLIANCE
When applicable, esketamine treatment is administered in accordance with FDA Risk Evaluation and Mitigation Strategy (REMS) requirements. Administration occurs in a certified healthcare setting under medical supervision.
7. INDIVIDUAL RIGHTS
You have the right to:
• Inspect and obtain a copy of your medical record
• Request amendment of inaccurate information
• Request restrictions on certain uses or disclosures
• Request confidential communications
• Receive an accounting of disclosures
• Obtain a paper copy of this Notice
• File a complaint without retaliation
Complaints may be filed with: U.S. Department of Health and Human Services Office for Civil Rights
8. DATA SECURITY MEASURES
We implement administrative, physical, and technical safeguards including:
• Encryption of data in transit where appropriate
• Secure electronic health record systems
• Access controls and authentication procedures
• Workforce training and confidentiality agreements
• Vendor oversight and executed Business Associate Agreements
While we use reasonable safeguards, no system can guarantee absolute security.
9. DATA RETENTION
Medical records are retained in accordance with federal and North Carolina record retention requirements. Website data is retained only as necessary for operational, legal, and security purposes.
10. WEBSITE ANALYTICS AND ADVERTISING
We may use analytics tools such as Google Analytics to evaluate website performance. We do not sell personal information or Protected Health Information. Sensitive health information is not used for advertising targeting. Advertising complies with applicable platform policies.
11. CHANGES TO THIS NOTICE
We reserve the right to change this Notice at any time. Revised versions will be posted on our website with an updated effective date.
