Icon
Img

Privacy Policy

Effective Date: 11.11.2024

SCOPE AND PURPOSE  

This Privacy Policy (“Policy”) governs the collection, use, and disclosure of personal information by OneMed Billing, operated by Onemed & A2Z Solutions LLC (registered in Wilmington, Delaware, USA) and Onemed & A2Z Solutions Private Limited (registered in Kolkata, West Bengal, India) (collectively referred to as "OneMed Billing," "we," "our," or "us"). This Policy applies to the websites, applications, and services offered by OneMed Billing, including but not limited to www.onemedbilling.com and any other sites or services that link to this Policy (collectively referred to as the "Sites").

This Policy is designed in accordance with the U.S. federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA), Delaware Online Privacy Protection Act (DOPPA), UK & EU General Data Protection Regulation (GDPR) as well as the Information Technology Act and Personal Data Protection Bill (India).

By using the Sites and our services, you consent to the collection, use, and disclosure of your information as outlined in this Policy.

1. INFORMATION WE COLLECT

We may collect and process various categories of personal data:

  • Personal Identifiers: Name, email address, postal address, phone number, and IP address.
  • Professional Information: Job title, employer, or other work-related information.
  • Health-Related Information: As required under HIPAA for medical billing and revenue cycle management services.
  • Geolocation Data: General location derived from your IP address or precise location data if explicitly authorized.
  • Electronic Activity Information: Information on website interactions, including browser type, device information, and cookies.
  • Commercial Information: Transaction history, services requested, or purchased.
  • Financial Information: Payment details, including bank or card information for processing payments related to our services.
 

 

2. METHODS OF COLLECTION

We collect personal data through:

  • Direct Collection: Information you provide when creating an account, making inquiries, filling out forms, or using our services.
  • Automated Technologies: Cookies, pixels, and other tracking technologies that gather data about how you interact with our Sites.
  • Third-Party Sources: Information may also be collected from lead generation providers, public databases, social networks, and business partners

 

  1. LEGAL BASIS FOR PROCESSING (EU & UK GDPR)

For users in the UK and EU, we process personal data based on one or more of the following legal grounds:

  • Consent: When you have given clear consent for processing your data for a specific purpose.
  • Contractual Necessity: When data is necessary to fulfill a contract with you.
  • Legal Obligation: When data processing is required by law.
  • Legitimate Interests: When processing is necessary for our legitimate interests, balanced against your data protection rights.
  • Explicit Consent for Sensitive Data: For health-related information under HIPAA and GDPR Article 9, we process data based on explicit consent or other lawful grounds.

 

  1. USE OF PERSONAL DATA

We use personal information to:

  • Provide and improve our services, including medical billing and revenue cycle management.
  • Comply with legal and regulatory requirements, including HIPAA and GDPR.
  • Process payments, manage client accounts, and respond to inquiries.
  • Communicate with you about our services, including sending newsletters and marketing communications where permitted by law.
  • Ensure security, integrity, and compliance with legal requirements.
  • Detect and prevent fraud, abuse, or illegal activities.
 

 

  1. DISCLOSURE OF PERSONAL DATA

No mobile information shall be disclosed to third parties or affiliates for marketing or promotional purposes. All other categories of data are hereby excluded from this provision, including text messaging originator opt-in data and consent. Such opt-in data and consent shall not be shared with any third parties under any circumstances.

 

  1. DATA SUBJECT RIGHTS (EU & UK GDPR)

If you are a resident of the EU or UK, you have the following rights under GDPR:

  • Right to be Informed: Clear information about data collection and use.
  • Right of Access: Access the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure (Right to be Forgotten): Request deletion of your personal data in certain situations.
  • Right to Restrict Processing: Limit how we process your data in certain circumstances.
  • Right to Data Portability: Receive a copy of your data in a machine-readable format or have it transferred to another organization.
  • Right to Object: Object to data processing based on legitimate interests or direct marketing.
  • Rights Related to Automated Decision-Making: Opt-out of automated processing where it significantly affects you.
  • To exercise any of these rights, please contact us at compliance@onemedbilling.org

 

  1. DATA PROTECTION AND SECURITY

We implement appropriate security measures to protect your personal data. While we strive to use commercially acceptable means to safeguard information, we cannot guarantee absolute security due to the nature of data transmission over the internet.

  1. DATA RETENTION

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. This may include retaining data for legal, tax, or regulatory purposes.

  1. INTERNATIONAL DATA TRANSFERS

Personal data may be transferred to and processed in countries outside the UK, EU, or other regions with different data protection laws, including the U.S. We use safeguards approved by GDPR (e.g., Standard Contractual Clauses) to ensure an adequate level of data protection.

  1. COOKIES AND TRACKING TECHNOLOGIES

Our Sites use cookies and similar technologies to enhance user experience, track usage, and serve personalized ads. By using our Sites, you consent to the use of cookies. You may adjust your browser settings to refuse cookies, but some features of the Sites may not function properly.

  1. THIRD-PARTY LINKS

Our Sites may contain links to third-party websites or services. We are not responsible for the privacy practices or content of such websites. We encourage you to review their privacy policies independently.

  1. CHILDREN’S PRIVACY

Our services are not intended for children under the age of 18. We do not knowingly collect personal data from children under 13, as per COPPA. If you believe we have collected information from a minor, please contact us, and we will delete the information.

  1. BREACH NOTIFICATION (EU & UK GDPR)

In the event of a data breach affecting your personal information, we will notify you and the relevant authorities within 72 hours, as required by GDPR.

  1. CHANGES TO THIS POLICY

We reserve the right to update this Policy at any time. Any changes will be posted on this page with an updated effective date. Continued use of our Sites constitutes your acceptance of the revised Policy.

 

  1. CONTACT INFORMATION

Onemed & A2Z Solutions LLC

  • 1007 N Orange St. 4th Floor Ste 1382, Wilmington, DE 19801
  • Email: info@onemedbilling.org
  • Phone: +1 315 366 8242

 

Onemed & A2Z Solutions Private Limited

  • Shaila Towers, 5th Floor, EP Block, Sector V, Bidhannagar, Kolkata, West Bengal, India 700091
  • Email: contact@onemedbilling.org
  • Phone: +91 33 6902 9160