1. Information we collect
We may collect the following types of information:
1.1 Personal information
- Name, email address, phone number, billing address, and payment information.
- Information related to healthcare services provided by our clients.
1.2 Non-personal information
- Browser type, IP address, operating system, and usage data collected automatically through cookies or similar technologies.
1.3 Protected Health Information (PHI)
- Information provided by healthcare providers or other entities we work with that may include patient data as defined by HIPAA.
2. How we use your information
- To provide and improve our services.
- To process payments and manage billing.
- To ensure compliance with legal and regulatory requirements, including HIPAA.
- To communicate with you regarding your account or inquiries.
- To protect against fraud, unauthorized access, and other illegal activities.
3. Sharing and disclosure of information
We do not sell your personal information. However, we may share your information in the following circumstances:
- With service providers who perform functions on our behalf (e.g., payment processors).
- To comply with legal obligations, such as court orders or subpoenas.
- To protect the rights, property, or safety of the Company, our users, or others.
- As part of a business transaction, such as a merger or acquisition, where information may be transferred as an asset.
4. Data security
We implement robust security measures to protect your information, including:
- Encryption and secure storage of sensitive data.
- Regular security audits and updates.
- Restricted access to personal and PHI data based on job roles.
Despite our efforts, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
5. Your rights
Depending on your jurisdiction, you may have the following rights:
- Access and request a copy of your personal information.
- Request corrections to inaccurate or incomplete information.
- Request deletion of your information, subject to legal and contractual obligations.
- Opt out of certain data uses, including marketing communications.
To exercise your rights, please contact us at [email protected].
6. Cookies and tracking technologies
Our website uses cookies to enhance user experience, to analyze site traffic, and for marketing purposes. You can manage your cookie preferences through your browser settings.
7. Third-party links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.
8. Changes to this privacy policy
We reserve the right to update this Privacy Policy at any time. Changes will be effective upon posting to our website with the updated effective date. Continued use of our services constitutes acceptance of the revised policy.
9. HIPAA & Protected Health Information
My Healthcare Billing acts as a Business Associate to its healthcare provider clients (the Covered Entities) under the Health Insurance Portability and Accountability Act (HIPAA), as amended by the HITECH Act. We treat all Protected Health Information (PHI) we receive on behalf of a Covered Entity in accordance with our Business Associate Agreement (BAA) with that Covered Entity and the HIPAA Privacy and Security Rules.
- We use and disclose PHI only as permitted by our BAA, as required by law, or as authorized in writing by the Covered Entity or the individual.
- We implement administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of PHI.
- If you are a patient with questions about how your PHI is used, please contact your healthcare provider directly. As a Business Associate, we direct patient inquiries to the Covered Entity that holds the patient relationship.
- A signed BAA is available on request for any prospective Covered Entity client.
10. California residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights:
- Right to know: request the categories and specific pieces of personal information we have collected about you.
- Right to delete: request deletion of your personal information, subject to legal exceptions.
- Right to correct: request correction of inaccurate personal information.
- Right to opt out of sale or sharing: we do not sell or share personal information for cross-context behavioral advertising. There is nothing to opt out of.
- Right to limit use of sensitive personal information: we use sensitive personal information only for the purposes for which it was provided.
- Right to non-discrimination for exercising any of the rights above.
To exercise California rights, email [email protected] with the subject line "California Privacy Request." We will verify your identity before fulfilling the request.
11. EEA, UK, and Swiss residents (GDPR)
If you are located in the European Economic Area, United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) grants you rights of access, rectification, erasure, restriction, portability, and objection regarding your personal data. Our legal bases for processing include consent, performance of a contract, compliance with legal obligations, and legitimate interests in operating our business. To exercise GDPR rights, email [email protected].
12. Children's privacy
Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it. If you believe a child has provided us with personal information, contact us immediately.
13. Data retention
We retain personal information and PHI for the period required by our service agreements, BAAs, and applicable law (including HIPAA, tax, and accounting requirements). Typical retention periods range from six to ten years for billing records. When the retention period ends, we delete or de-identify the data.
14. International data transfers
We are based in the United States, and any personal information you provide is processed and stored in the United States. If you access our services from outside the U.S., your information will be transferred to and processed in the U.S., where data protection laws may differ from those in your country.
15. Data breach notification
In the event of a security incident affecting personal information or PHI, we will notify affected individuals and the relevant Covered Entity in accordance with our BAA, the HIPAA Breach Notification Rule, and applicable state and federal law. Our breach response process includes containment, investigation, root-cause analysis, and remediation.
16. Marketing communications & Do Not Track
You can opt out of marketing emails by clicking the unsubscribe link in any marketing email or by emailing [email protected]. We will continue to send service-related, transactional, and account-related communications.
Many web browsers offer a "Do Not Track" (DNT) signal. Because there is no industry-standard interpretation of DNT, our website does not currently respond to DNT signals.
17. Cookies and tracking technologies
Our website uses cookies to enhance user experience, to analyze site traffic, and for marketing purposes. You can manage your cookie preferences through your browser settings.
18. Third-party links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.
19. Changes to this privacy policy
We reserve the right to update this Privacy Policy at any time. Changes will be effective upon posting to our website with the updated effective date. Material changes will be communicated through a banner on our website or via email where appropriate. Continued use of our services constitutes acceptance of the revised policy.
20. Accessibility statement
My Healthcare Billing is committed to providing a website that is accessible to the widest possible audience, in accordance with the Americans with Disabilities Act (ADA Title III) and the Web Content Accessibility Guidelines (WCAG 2.1 Level AA). We continually evaluate and improve the accessibility of our digital experience.
If you encounter content that is not accessible to you, or if you have feedback or suggestions about accessibility on this site, please contact us at [email protected] with the subject line "Accessibility" and we will work to address the issue. We aim to respond to accessibility requests within five business days.
21. Your HIPAA rights as an individual
If your protected health information is processed by us as a Business Associate of your healthcare provider, your rights regarding that information (including the right to access, amend, and request an accounting of disclosures) are administered by your provider, the Covered Entity. Please direct individual HIPAA rights requests to the healthcare provider that delivered your care. We will support our Covered Entity clients in fulfilling those requests.
22. Contact us
If you have questions or concerns about this Privacy Policy, please contact our Privacy Officer at:
- Email: [email protected] (subject line: "Privacy")
- Phone: +1 888 336 2455
- Mail: My Healthcare Billing, Attn: Privacy Officer, 111 N Wabash Ave 100-3701, Chicago, IL 60601, USA
Thank you for trusting My Healthcare Billing. Your privacy is important to us.