Privacy Policy.

Privacy Policy

Prestige Healthcare Review Consultant, LLC

Version 1.2 | Effective Date: September 12, 2025

Registered in the State of Florida. Entity record available at www.Sunbiz.org

Reviewed Annually or as Required by Law.

---

1. Introduction

This Privacy Policy (the “Policy”) is issued by Prestige Healthcare Review Consultant, LLC (the “Company,” “we,” “our,” or “us”) pursuant to applicable state and federal privacy laws, including but not limited to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), 45 C.F.R. Parts 160 and 164, the Florida Information Protection Act of 2014 (FIPA), Fla. Stat. § 501.171, and the Gramm–Leach–Bliley Act (GLBA), 15 U.S.C. §§ 6801–6809, to the extent such laws may apply.

We are committed to maintaining the confidentiality, integrity, and security of all nonpublic personal, professional, and case-related information entrusted to us. This Policy delineates the standards and procedures by which we collect, use, safeguard, and disclose such information in compliance with applicable law and professional ethics.

Our services include **medical–legal consulting, record review, and case analysis** for attorneys, insurers, and healthcare organizations. **Teresa E. Guthrie, RN**, a duly **licensed Registered Nurse** in the State of Florida, directs these services. The Company does not provide clinical care or legal representation, and no communication herein or via this website constitutes legal or medical advice. All services are educational, administrative, or consultative in nature.

---

2. Scope of Policy

This Policy applies to all information obtained through:

* The Company’s website ([www.prestigehealthcarereview.com](http://www.prestigehealthcarereview.com));

* Email, telephone, teleconference, or video communications;

* Appointment scheduling and client intake forms;

* Secure document upload or transfer systems; and

* In-person meetings or physical record exchanges.

This Policy does not extend to external third-party sites or services not controlled by the Company.

---

3. Information We Collect

The Company collects only that information necessary to perform contractual obligations and maintain legitimate business functions as permitted under Fla. Stat. § 501.171(2)

A. Business and Contact Information

Name, title, mailing address, phone, and email address;

Law firm, healthcare organization, or business affiliation;

Billing and payment identifiers.

B. Case and Documentation Data

Medical and facility records provided by clients;

Legal pleadings, summaries, or exhibits;

Nonclinical materials reasonably required for professional review.

C. Technical Data

IP address, browser type, and session analytics via Squarespace or Google Analytics, consistent with FTC Act §5 guidance regarding unfair or deceptive practices in data collection.

We do not knowingly solicit or collect protected health information directly from patients.

---

4. Purpose and Use of Information

All information is used exclusively to:

  1. Fulfill contracted services and perform record analyses;

  2. Administer billing, scheduling, and communications;

  3. Generate written reports and deliverables;

  4. Maintain internal compliance documentation; and

  5. Meet statutory and ethical obligations under Florida and federal law.

We expressly disclaim the sale, rental, or commercial disclosure of personal information except as required by law.

---

5. Confidentiality and HIPAA Compliance

The Company observes confidentiality in accordance with HIPAA Privacy and Security Rules (45 C.F.R. §§164.500 et seq.) and Florida law. Although not a “Covered Entity” or “Business Associate” absent written designation, the Company voluntarily applies HIPAA-aligned safeguards.

Disclosure of client information occurs only:

1. To authorized clients or their designees;

2. As compelled by subpoena, court order, or governmental regulation; or

3. Upon the express written consent of the client.

All employees, contractors, and vendors with access to such data are required to execute confidentiality or nondisclosure agreements consistent with Fla. Stat. § 688.002 (Florida Uniform Trade Secrets Act).

---

6. Data Security Standards

Consistent with Fla. Stat. § 501.171(2) and 45 C.F.R. §164.308, the Company employs administrative, physical, and technical safeguards to prevent unauthorized access, disclosure, or destruction of information:

* Encryption and password protection of electronic records;

* Physical lock-and-key protection of paper files; and

* Secure Socket Layer (SSL/TLS) encryption for digital communications.

---

7. Record Retention and Destruction

Records shall be preserved for not less than five (5) years following case completion in accordance with accepted legal consulting standards. Destruction shall conform to **45 C.F.R. §164.530(c)** and **Fla. Stat. § 501.171(8)** using cross-shredding or certified digital erasure.

---

8. Financial Data Handling

Payments are processed via PCI DSS–compliant vendors such as Squarespace Payments or Stripe. The Company neither stores nor retains full account numbers or card details. Transactions are encrypted per **15 U.S.C. § 6801(b)** and related implementing regulations.

---

9. Notary Public Records

For notarial services under Florida Statutes Chapter 117, personal identification and document data are collected strictly in accordance with Fla. Stat. §117.05 and preserved in the notarial journal for the period mandated by law. Access is restricted except as authorized under statute or court order.

---

10. Professional Disclaimers

The Company’s consulting work is nonclinical and nonlegal. No information provided constitutes medical advice within the meaning of **Fla. Stat. §456.072(1)(o)** or legal advice under **The Florida Bar Rule 4-5.5** governing unauthorized practice of law.

All analytical opinions are derived from nursing expertise and objective review of client-provided documentation. Attorneys retain ultimate responsibility for legal decisions, and healthcare providers remain responsible for patient care.

---

11. Cross-Border Data Transfers

Information may be processed or stored outside Florida or the United States. Such transfers are executed under contractual assurances consistent with **45 C.F.R. §164.502(b)** (minimum necessary standard) and equivalent data protection measures.

---

12. Legal Basis for Processing

  1. Processing occurs under the following lawful bases:

  2. Consent** (express or implied through engagement);

  3. Contractual Necessity** (performance of services);

  4. Legal Obligation** (statutory retention or disclosure duties); and

  5. Legitimate Interest** (audit, compliance, and defense of claims).

---

13. Client Rights and Requests

Pursuant to Fla. Stat. §501.171(4), clients may request access to, correction of, or deletion of personal data, subject to legal and contractual limitations. Requests must be submitted in writing to [compliance@prestigehealthcarereview.com](mailto:compliance@prestigehealthcarereview.com)**. The Company shall respond within thirty (30) business days absent extraordinary circumstances.

---

14. Third-Party Vendors and Processors

All third-party service providers are contractually bound under 45 C.F.R. §164.308(b) and Fla. Stat. §501.171(2) to implement data-protection safeguards no less stringent than those employed by the Company. Vendor compliance is reviewed periodically.

---

. Limitation of Liability

To the maximum extent permitted under Fla. Stat. §672.719 and applicable common law, the Company, its members, and affiliates shall not be liable for any indirect, incidental, consequential, or punitive damages arising from use, disclosure, or loss of information, whether based in contract, tort, or negligence.

---

16. Governing Law and Venue

This Policy and any dispute arising hereunder shall be governed by and construed under the laws of the State of Florida in accordance with Fla. Stat. §685.101 and §685.102. Venue shall lie exclusively in the state or federal courts located in Escambia County, Florida. Each party irrevocably waives any right to a jury trial and agrees that the prevailing party shall be entitled to reasonable attorneys’ fees and costs.

---

17. Management and Administrative Oversight

**Prestige Healthcare Review Consultant, LLC operates under the compliance oversight of Guardian Shore Capital, LLC and the administrative management of G&H NorthStar Management Group, LLC, pursuant to the Company’s internal governance policy. All consulting services are rendered solely by **Prestige Healthcare Review Consultant, LLC under the professional supervision of Teresa E. Guthrie, RN.

Neither Guardian Shore Capital, LLC nor G&H NorthStar Management Group, LLC provides consulting or notarial services to clients.

---

18. Policy Amendments and Notice of Changes

Material modifications to this Policy shall be communicated to clients via website posting and, where applicable, electronic notice in compliance with Fla. Stat. §501.171(3). Continued engagement following publication of such revisions constitutes acceptance of the updated Policy.

---

19. Contact for Inquiries

Prestige Healthcare Review Consultant, LLC

Attn: Privacy & Compliance Office

4087 Erika Ct.

Pensacola, Florida 32526

📧 [compliance@prestigehealthcarereview.com](mailto:compliance@prestigehealthcarereview.com)

📧 [legal@prestigehealthcarereview.com](mailto:legal@prestigehealthcarereview.com)

📞 (850) 529-5555

---

Acknowledgment and Execution

This Policy has been reviewed and approved by the Company’s compliance and management entities.

Prepared by: Guardian Shore Capital, LLC (Compliance Division)

Reviewed by: G&H NorthStar Management Group, LLC (Administrative Agent)

Approved by: Teresa E. Guthrie, RN, Principal Consultant

---

© 2025 Prestige Healthcare Review Consultant, LLC

Managed by Guardian Shore Capital, LLC | Administrative Agent: G&H NorthStar Management Group, LLC

Florida Registered Entity | HIPAA-Aligned Confidentiality Practices | All Rights Reserved