Privacy Policy

Introduction

Blue Peak Healthcare RCM ("Blue Peak," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website, use our services, or interact with us.

As a healthcare revenue cycle management company, we understand the sensitive nature of health-related information and are committed to maintaining the highest standards of privacy and security in compliance with applicable laws, including the Health Insurance Portability and Accountability Act (HIPAA).

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us, including:

• Name, email address, phone number, and mailing address
• Company name and job title
• Account credentials (username and password)
• Payment and billing information
• Communications you send to us

Protected Health Information (PHI)

In the course of providing our revenue cycle management services, we may receive Protected Health Information (PHI) from our healthcare provider clients. This information is handled strictly in accordance with HIPAA regulations and our Business Associate Agreements (BAAs) with covered entities.

Automatically Collected Information

When you visit our website, we may automatically collect certain information, including:

• IP address and device identifiers
• Browser type and operating system
• Pages viewed and links clicked
• Date and time of visits
• Referring website addresses

How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our revenue cycle management services
• To process transactions and send related information
• To respond to your inquiries and provide customer support
• To send administrative information, updates, and marketing communications
• To analyze usage patterns and improve our website and services
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations and enforce our agreements

HIPAA Compliance

As a Business Associate under HIPAA, Blue Peak Healthcare RCM is committed to:

• Maintaining appropriate administrative, physical, and technical safeguards to protect PHI
• Using and disclosing PHI only as permitted by our Business Associate Agreements
• Reporting any security incidents or breaches as required by law
• Ensuring our subcontractors agree to the same restrictions and conditions
• Making our internal practices and records available to the Department of Health and Human Services
• Returning or destroying PHI upon termination of agreements, where feasible

Data Security

We implement robust security measures to protect your information, including:

• Encryption of data in transit and at rest using industry-standard protocols
• Secure access controls and authentication mechanisms
• Regular security assessments and vulnerability testing
• Employee training on data privacy and security best practices
• Physical security measures at our facilities
• Incident response and disaster recovery procedures

Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: With trusted third-party vendors who assist in providing our services, subject to confidentiality obligations
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, privacy, safety, or property
• With Consent: With your explicit consent for any other purpose

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to legal obligations
• Opt-Out: Unsubscribe from marketing communications at any time
• Data Portability: Request a copy of your data in a portable format

To exercise these rights, please contact us using the information provided below.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. These technologies help us:

• Remember your preferences and settings
• Understand how you interact with our website
• Analyze website traffic and performance
• Deliver relevant content and advertisements

You can control cookies through your browser settings. However, disabling cookies may affect certain features of our website.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. For PHI, we follow retention requirements specified in our Business Associate Agreements and applicable healthcare regulations.

Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: