PRIVACY POLICY
1. OVERVIEW
Compass Medical Billing Services and Compass Healthcare Management Solutions, LLC (“Compass,” “we,” “our,” or “us”) are committed to protecting the privacy, confidentiality, and security of all information collected through our website.
This Website Privacy Policy governs the collection and use of information through our website and is designed to comply with applicable federal and state laws, including:
- The Health Insurance Portability and Accountability Act (HIPAA)
- The Health Information Technology for Economic and Clinical Health Act (HITECH)
- State-level privacy laws (including but not limited to California, Virginia, Colorado, Connecticut, and others as applicable)
This policy applies only to website interactions and does not replace or supersede any Business Associate Agreement (BAA) executed with clients.
2. INFORMATION WE COLLECT THROUGH OUR WEBSITE
We collect limited, non-clinical information through our website, including:
A. Information You Provide Voluntarily
- Name, email address, phone number
- Business/practice information
- Inquiry details submitted through contact forms
B. Automatically Collected Information
- IP address
- Browser type and device information
- Pages visited and time spent
- Referring URLs
C. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Improve website functionality
- Analyze traffic and user behavior
- Enhance user experience
Users may disable cookies through browser settings.
3. NO COLLECTION OF PHI THROUGH WEBSITE
Compass does not intentionally collect Protected Health Information (PHI) through its website.
Users are expressly instructed not to submit PHI through website forms. Any such submission is at the user’s own risk and will not be treated as secure transmission under HIPAA.
4. HOW WE USE INFORMATION
We use collected information strictly for:
- Responding to inquiries
- Providing service information
- Improving website performance
- Internal analytics and marketing optimization
We do not sell or rent personal information.
5. DISCLOSURE OF INFORMATION
We may disclose information:
- To service providers supporting website operations (under strict confidentiality agreements)
- To comply with legal obligations
- To protect the rights, safety, and integrity of Compass
We do not disclose personal data for commercial resale purposes.
6. DATA SECURITY
We implement commercially reasonable safeguards, including:
- SSL/TLS encryption for website traffic
- Secure hosting environments
- Access controls and monitoring
However, users acknowledge that no internet transmission is 100% secure.
7. CROSS-BORDER WORKFORCE DISCLOSURE
Compass utilizes a global workforce model, including personnel located in:
- The United States
- The Philippines
- Jamaica, West Indies
All workforce members, regardless of location:
- Are bound by strict confidentiality agreements
- Operate under HIPAA-compliant policies and procedures
- Are subject to role-based access restrictions
- Receive ongoing compliance and security training
No PHI is accessed or processed outside of secure, controlled environments in compliance with U.S. regulatory requirements.
8. THIRD-PARTY SYSTEMS AND INTEGRATIONS
Compass works with multiple third-party systems, including:
- Electronic Health Record (EHR) platforms
- Practice Management Systems
- Payer portals (e.g., Availity, Optum, clearinghouses)
- Secure cloud infrastructure providers
All vendors are evaluated for compliance and security standards and, where applicable, are governed by executed BAAs.
9. YOUR PRIVACY RIGHTS
Depending on your state of residence, you may have the right to:
- Request access to your personal data
- Request correction or deletion
- Opt out of certain data uses
Contact Information
If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact us.
By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.
