Privacy & Data Use Policy

🔒 HIPAA Compliance

Velden Health is fully committed to maintaining the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations.

• All staff members are HIPAA-trained and certified
• We maintain Business Associate Agreements (BAAs) with all clients
• Regular security audits and compliance reviews
• Encrypted data transmission and storage

📋 Information We Collect

In order to provide our revenue cycle management services, we may collect and process:

• Patient Information: Demographics, insurance details, and billing records
• Clinical Data: CPT codes, diagnosis codes, and treatment information necessary for billing
• Practice Information: Provider credentials, NPI numbers, and facility details
• Financial Data: Payment histories, claim statuses, and accounts receivable data

🎯 How We Use Your Information

We use the information we collect solely for the following purposes:

• Processing medical claims and billing
• Following up on denied or aged accounts receivable
• Communicating with insurance payers
• Generating reports and analytics for your practice
• Ensuring compliance with healthcare regulations

🛡️ Data Security Measures

We implement industry-leading security measures to protect your data:

• Encryption: 256-bit AES encryption for data at rest and TLS 1.3 for data in transit
• Access Controls: Role-based access with multi-factor authentication
• Audit Logs: Comprehensive logging of all data access and modifications
• Secure Infrastructure: HIPAA-aligned cloud hosting with BAA
• Regular Testing: Penetration testing and vulnerability assessments

🤝 Data Sharing & Disclosure

We do not sell, rent, or share your data with third parties except:

• With insurance payers as necessary to process claims
• With clearinghouses for electronic claim submission
• When required by law or legal process
• With your explicit written consent

All third-party service providers are required to sign Business Associate Agreements and maintain HIPAA compliance.

✅ Your Rights

You have the following rights regarding your data:

• Access: Request copies of your data
• Correction: Request corrections to inaccurate information
• Deletion: Request deletion of your data (subject to legal requirements)
• Restriction: Request limitations on how we use your data
• Breach Notification: Be notified of any data breaches affecting your information

📧 Contact Our Privacy Team

If you have questions about our privacy practices or wish to exercise your rights, please contact us:

🔄 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.