Privacy policy
HIPAA-Compliant Privacy Policy
Effective Date: 23-07-2025
Perfectus Medical Billing, LLC ("Company," "we," "our," or "us") is committed to safeguarding the privacy and security of your health information. This Privacy Policy describes our practices for collecting, using, safeguarding, and communicating information—especially Protected Health Information (PHI)—in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and related regulations.
---
1. Scope and Purpose
This policy applies to all information collected or received on our website, through our secure communications (including protected email), or via any other interaction with our services. Its purpose is to ensure that any PHI or other personal information is handled appropriately, securely, and in line with HIPAA requirements.
---
2. Information We Collect
a. Protected Health Information (PHI):
PHI may include identifiable patient information related to health status, treatment, or payment information that is collected voluntarily from clients, partners, or referred healthcare providers.
PHI is not collected via our general public website but may be transmitted through our secure, authenticated portals or protected email systems.
b. Business and Contact Information:
Name, contact details (such as email address, phone number, and mailing address), practice information, and other identifiers provided during inquiries or business transactions.
c. Technical and Log Data:
Data such as IP addresses, device information, browser details, and website usage statistics. These details are collected for system administration, troubleshooting, and improvement of service security.
---
3. How We Use Your Information
We use the collected information to:
Provide Services:
Deliver medical coding and billing services, process transactions, and respond to inquiries.
Maintain HIPAA Compliance:
Ensure that all handling of PHI meets the privacy and security standards required by law. This includes using secure, encrypted channels (such as protected email) for communications that contain PHI.
Improve Our Services:
Analyze technical data to improve our website and service offerings, ensuring optimal performance and security.
Communications:
Respond to service requests and offer relevant updates. When communicating PHI or sensitive information, we use secure, encrypted email systems and other approved methods to protect your data.
---
4. Secure Communications
a. Protected Email and Secure Channels:
All communications involving PHI are conducted using secure, encrypted email services or other HIPAA-compliant communication channels.
Clients and partners are encouraged to use these secure channels when transmitting or receiving sensitive information.
b. Encryption and Access Controls:
We implement state-of-the-art encryption both in transit and at rest to protect any electronic information.
Access to PHI is restricted to authorized personnel who require the information for performing their job duties.
---
5. Information Sharing and Disclosure
a. Authorized Disclosures:
PHI may be shared with authorized parties such as healthcare providers, payers, or legal entities only when necessary for treatment, payment, or healthcare operations—as allowed or required by HIPAA.
b. Third-Party Service Providers:
We may engage third-party vendors for services such as secure email hosting, website analytics, or IT support. These vendors are contractually bound to maintain the security and confidentiality of PHI and comply with HIPAA requirements.
c. Legal Requirements:
We may disclose information if required by law, regulation, or a valid subpoena, or to protect the rights, safety, or property of our Company, our clients, or others.
---
6. Data Security Measures
To protect your information, we implement:
Technical Safeguards:
Encryption, firewalls, Secure Sockets Layer (SSL), and intrusion detection systems.
Administrative Safeguards:
Regular staff training on HIPAA and privacy best practices, restricted access controls, audit logs, and periodic security reviews.
Physical Safeguards:
Secure data centers, controlled physical access to our offices and servers, and strict data disposal protocols.
While no method is absolutely secure, we commit to maintaining robust measures to reduce risks to your data.
---
7. Your Rights and Choices
You have rights regarding your PHI and personal information, including:
Access:
Request access to the PHI we maintain about you.
Correction:
Request corrections to any inaccurate or incomplete information.
Restrictions:
Request restrictions on certain uses or disclosures of your information.
Accounting of Disclosures:
Request details of disclosures made of your PHI.
For any requests, please contact us as described below. We will respond in accordance with applicable laws and regulations.
---
8. Data Retention
We retain your PHI and other personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Secure deletion protocols are in place when data is no longer needed.
---
9. Training and Policy Review
All employees and contractors receive regular training on HIPAA compliance, data security, and privacy practices. We review and update this policy periodically to reflect any changes in regulations or operational practices.
---
10. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy. Any changes will be posted on our website along with an updated effective date. We encourage you to review this policy periodically.
---
11. Contact Us
For questions about this Privacy Policy or to exercise your rights regarding your personal or health information, please contact:
Perfectus Medical Billing, LLC
Attn: Privacy Compliance Officer
Email: Perfectusmbllc@proton.me
Phone: 888-322-3302
Address:
301 S McDowell Street Suite 125
Charlotte, NC 28204
