PRIVACY POLICY


1. OVERVIEW

Compass Medical Billing Services and Compass Healthcare Management Solutions, LLC (“Compass,” “we,” “our,” or “us”) are committed to protecting the privacy, confidentiality, and security of all information collected through our website.

This Website Privacy Policy governs the collection and use of information through our website and is designed to comply with applicable federal and state laws, including:

  • The Health Insurance Portability and Accountability Act (HIPAA) 
  • The Health Information Technology for Economic and Clinical Health Act (HITECH) 
  • State-level privacy laws (including but not limited to California, Virginia, Colorado, Connecticut, and others as applicable) 

This policy applies only to website interactions and does not replace or supersede any Business Associate Agreement (BAA) executed with clients.


2. INFORMATION WE COLLECT THROUGH OUR WEBSITE

We collect limited, non-clinical information through our website, including:

A. Information You Provide Voluntarily

  • Name, email address, phone number 
  • Business/practice information 
  • Inquiry details submitted through contact forms 

B. Automatically Collected Information

  • IP address 
  • Browser type and device information 
  • Pages visited and time spent 
  • Referring URLs 

C. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Improve website functionality 
  • Analyze traffic and user behavior 
  • Enhance user experience 

Users may disable cookies through browser settings.


3. NO COLLECTION OF PHI THROUGH WEBSITE

Compass does not intentionally collect Protected Health Information (PHI) through its website.

Users are expressly instructed not to submit PHI through website forms. Any such submission is at the user’s own risk and will not be treated as secure transmission under HIPAA.


4. HOW WE USE INFORMATION

We use collected information strictly for:

  • Responding to inquiries 
  • Providing service information 
  • Improving website performance 
  • Internal analytics and marketing optimization 

We do not sell or rent personal information.


5. DISCLOSURE OF INFORMATION

We may disclose information:

  • To service providers supporting website operations (under strict confidentiality agreements) 
  • To comply with legal obligations 
  • To protect the rights, safety, and integrity of Compass 

We do not disclose personal data for commercial resale purposes.


6. DATA SECURITY

We implement commercially reasonable safeguards, including:

  • SSL/TLS encryption for website traffic 
  • Secure hosting environments 
  • Access controls and monitoring 

However, users acknowledge that no internet transmission is 100% secure.


7. CROSS-BORDER WORKFORCE DISCLOSURE

Compass utilizes a global workforce model, including personnel located in:

  • The United States 
  • The Philippines 
  • Jamaica, West Indies 

All workforce members, regardless of location:

  • Are bound by strict confidentiality agreements 
  • Operate under HIPAA-compliant policies and procedures 
  • Are subject to role-based access restrictions 
  • Receive ongoing compliance and security training 

No PHI is accessed or processed outside of secure, controlled environments in compliance with U.S. regulatory requirements.


8. THIRD-PARTY SYSTEMS AND INTEGRATIONS

Compass works with multiple third-party systems, including:

  • Electronic Health Record (EHR) platforms 
  • Practice Management Systems 
  • Payer portals (e.g., Availity, Optum, clearinghouses) 
  • Secure cloud infrastructure providers 

All vendors are evaluated for compliance and security standards and, where applicable, are governed by executed BAAs.


9. YOUR PRIVACY RIGHTS

Depending on your state of residence, you may have the right to:

  • Request access to your personal data 
  • Request correction or deletion 
  • Opt out of certain data uses 


Contact Information

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact us.


By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.