Privacy Policy

1. Introduction

Cardio Billing Solutions ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our cardiology billing services. We comply with the Health Insurance Portability and Accountability Act (HIPAA), as well as other applicable federal and state privacy laws.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

Request a consultation or free billing review
Sign up for our services
Contact us through our website or phone
Subscribe to our newsletter or blog updates
Fill out forms on our website

This information may include: name, email address, phone number, practice name, website URL, and healthcare facility information.

2.2 Protected Health Information (PHI)

As a medical billing service provider, we may receive, process, and store Protected Health Information (PHI) as defined under HIPAA. This includes patient demographic information, insurance details, diagnosis codes, procedure codes, and other billing-related health information. We act as a Business Associate under HIPAA and maintain strict safeguards for all PHI.

2.3 Technical Information

We automatically collect certain information when you visit our website, including:

IP address and browser type
Device information and operating system
Pages visited and time spent on our site
Referring website addresses
Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect for the following purposes:

Service Delivery: To provide medical billing services, process claims, verify eligibility, manage denials, and perform all related revenue cycle management functions
Communication: To respond to your inquiries, schedule consultations, provide service updates, and send important notifications
Improvement: To analyze website usage, improve our services, and enhance user experience
Compliance: To comply with legal obligations, including HIPAA, billing regulations, and audit requirements
Marketing: To send newsletters, blog updates, and promotional materials (you may opt out at any time)
Security: To protect against fraud, unauthorized access, and maintain the security of our systems

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

Healthcare Providers: We share billing information with insurance companies, clearinghouses, and payers as necessary to process claims and obtain reimbursements
Service Providers: We may engage trusted third-party vendors who assist us in operating our website, conducting business, or servicing you, provided they agree to keep information confidential
Legal Requirements: We may disclose information when required by law, court order, subpoena, or to protect our rights and safety
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
With Your Consent: We may share information for other purposes with your explicit consent

5. HIPAA Compliance

As a Business Associate under HIPAA, we maintain comprehensive safeguards to protect PHI:

Administrative Safeguards: Security policies, workforce training, and access controls
Physical Safeguards: Secure facilities, workstation security, and device controls
Technical Safeguards: Encryption, secure transmission, access controls, and audit logs
Business Associate Agreements: We execute HIPAA-compliant agreements with all covered entities we serve
Breach Notification: We have procedures in place to detect, report, and respond to any potential breaches

6. Data Security

We implement industry-standard security measures to protect your information:

SSL/TLS encryption for data transmission
Encrypted storage of sensitive information
Multi-factor authentication for system access
Regular security audits and vulnerability assessments
Employee training on data security and privacy
Restricted access to PHI on a need-to-know basis
Secure backup and disaster recovery procedures

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights and Choices

You have the following rights regarding your information:

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal retention requirements)
Opt-Out: Unsubscribe from marketing communications at any time
Restrict Processing: Request limitations on how we use your information
Data Portability: Request a copy of your data in a structured format
HIPAA Rights: Exercise your rights under HIPAA regarding PHI, including the right to an accounting of disclosures

To exercise these rights, please contact us at privacy@cardiomedicalbilling.com or call (800) 516-5234.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website. Cookies are small text files stored on your device. We use:

Essential Cookies: Necessary for website functionality
Analytics Cookies: To understand how visitors use our site
Marketing Cookies: To deliver relevant advertisements

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

11. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. PHI is retained in accordance with HIPAA requirements and applicable federal and state regulations, typically for a minimum of six years.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Cardio Billing Solutions
2436 Brigham Street
Brooklyn, NY 11235

Email: privacy@cardiomedicalbilling.com
Phone: (800) 516-5234
Privacy Officer: Available upon request

14. State-Specific Privacy Rights

Residents of certain states may have additional privacy rights:

California (CCPA/CPRA): Right to know, delete, and opt-out of the sale of personal information
Virginia (VCDPA): Right to access, correct, delete, and opt-out
Colorado (CPA): Right to access, correct, delete, and opt-out
Other States: Additional rights may apply based on your location

To exercise state-specific rights, please contact us using the information provided above.