Request a Consult

Privacy Policy

Privacy Policy for Catawba Valley Medical Services (CVMS)

Catawba Valley Medical Services (“CVMS,” “we,” “us,” or “our”) is committed to safeguarding the privacy and security of all individuals who interact with us. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in accordance with HIPAA, applicable federal and state laws, and industry best practices.

1. Information We Collect

We may collect the following categories of information:

Personal Identifiable Information (PII)

Name, date of birth, address, contact details, Social Security number, and emergency contacts.

Health Information

Medical history, care preferences, and insurance data shared during intake or inquiries—handled under HIPAA guidelines.

Employment Data

Résumés, employment history, licensure, certifications, background checks, and education records.

Technology-Related Data

Device type, IP address, browser info, geolocation, usage logs, and cookies (see “Cookies and Analytics”).

2. How We Use Your Information

We use your data to:
  • Deliver healthcare and administrative services
  • Manage employment applications and onboarding
  • Improve our website and services
  • Ensure security and regulatory compliance
  • Support internal analytics, training, and operations
  • Communicate updates, changes, or marketing (opt-in only)

3. Legal Bases for Processing

We process your data under lawful bases, including:
  • Consent
  • Contractual necessity
  • Legal obligation
  • Legitimate interests (e.g., quality improvement)

4. Information Sharing and Disclosure

We do not sell or rent your personal data. We may share your information:
  • With internal staff and care teams
  • With service providers (e.g., HR, EMR, billing platforms)
  • As required by law or regulators (e.g., DHHS, CMS)
  • During mergers, acquisitions, or organizational restructuring

5. Data Security

In accordance with our [IT Security Policy] and [Technology Policy], we implement:
  • End-to-end encryption
  • Firewalls and intrusion detection systems
  • Role-based access controls
  • Remote monitoring and logging
  • Regular vulnerability assessments
However, no system is entirely secure. Do not submit highly sensitive documents via open web forms.

6. Cookies and Analytics

We utilize cookies and third-party tools (e.g., Google Analytics) to improve your site experience. You may disable cookies through browser settings.

7. Your Rights

You may:
  • Access, correct, or delete your data
  • Opt out of marketing communications
  • Request data portability
  • File a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your HIPAA rights have been violated

📍 409 B South Sterling St, Morganton, NC 28655
 📞 (828) 437-8808

8. HIPAA Compliance

While the public website is not a HIPAA portal, any patient data submitted is protected and stored in secure, compliant environments in accordance with 45 CFR Parts 160 and 164 (HIPAA Privacy and Security Rules).

9. Changes to this Policy

Updates will be posted with a revised “Effective Date.” Please review periodically.

Quick Links

Our Services

Connect With Us

  • © 2025 CVMS - A Finer Days Company. All Right Reserved.
Facebook-f Linkedin
Scroll to Top