Privacy Policy

1. Introduction & Scope

AS Healthcare Solutions ("we," "our," or "us") operates as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). This Privacy Policy applies to all personal information and protected health information (PHI) collected through our website ashrcm.com and our revenue cycle management services.

2. Information We Collect

2.1. Protected Health Information (PHI)

In the course of providing RCM services, we may collect and process the following PHI:

• Patient demographic information (name, address, date of birth, SSN)
• Insurance information and policy numbers
• Medical record numbers and patient account numbers
• Clinical information related to billing (diagnoses, procedures, dates of service)
• Financial information for billing purposes
• Correspondence related to claims and appeals

2.2. Business Information

We collect information about healthcare providers and practices including:

• Practice names, addresses, and contact information
• Provider NPI numbers and tax identification numbers
• Billing and practice management system credentials
• Staff contact information and roles

2.3. Website Usage Information

When you visit our website, we may automatically collect:

• IP address, browser type, and device information
• Pages visited and time spent on site
• Referring website and search terms
• Cookies and similar tracking technologies (see Section 7)

3. How We Use Your Information

We use collected information for the following business purposes:

• Revenue Cycle Management: Processing claims, eligibility verification, payment posting, and denial management
• Service Operations: Providing and maintaining our RCM services, customer support, and service improvements
• Compliance: Meeting legal obligations, responding to regulatory requests, and maintaining required documentation
• Business Communications: Sending service updates, educational content, and responding to inquiries
• Security: Protecting against fraud, unauthorized access, and security breaches

4. Information Sharing & Disclosure

We do not sell, trade, or rent your PHI to third parties. We may disclose information in these limited circumstances:

4.1. Required Business Disclosures

• Healthcare Providers: To the covered entities we serve, as necessary for RCM operations
• Insurance Payers: To process claims and verify eligibility
• Business Associates: To vendors who provide essential services and have signed Business Associate Agreements
• Clearinghouses: For electronic claims processing

4.2. Legal & Compliance Disclosures

• When required by law, court order, or government regulation
• To comply with HIPAA, HITECH, and other healthcare regulations
• To protect our rights, property, or safety, or that of our clients
• In connection with a business transfer, merger, or acquisition

5. Data Security & Safeguards

We implement comprehensive security measures to protect your information:

• Administrative Safeguards: Security policies, employee training, and risk assessments
• Physical Safeguards: Secure facilities, access controls, and device encryption
• Technical Safeguards: Encryption, secure networks, multi-factor authentication, and regular security updates
• Organizational Safeguards: Business Associate Agreements, confidentiality agreements, and compliance monitoring

All employees and contractors receive regular HIPAA compliance training and are bound by confidentiality obligations.

6. Your Rights & Choices

Depending on your relationship with us, you may have the following rights:

• Access & Inspection: Right to access and obtain copies of your PHI
• Amendment: Right to request corrections to inaccurate or incomplete information
• Accounting of Disclosures: Right to receive a list of certain disclosures of your PHI
• Restrictions: Right to request restrictions on certain uses and disclosures
• Confidential Communications: Right to request alternative communication methods
• Complaints: Right to file a complaint if you believe your privacy rights have been violated

7. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and analyze website traffic. You can control cookie settings through your browser preferences. We do not use cookies to collect PHI.

8. Data Retention

We retain PHI for the minimum period required by state and federal laws, typically 6 years from the date of creation or last use, whichever is later. Some records may be retained longer for legal, regulatory, or business purposes.

9. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any information.

10. International Data Transfers

AS Healthcare Solutions primarily operates within the United States. If we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in compliance with applicable laws.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the modified policy.

12. Contact Information & Exercising Your Rights

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact our Privacy Officer:

For complaints about privacy violations, you may also file a complaint with the Secretary of the U.S. Department of Health and Human Services.