Privacy Policy
Your privacy and data security are our highest priorities
Effective Date: January 1, 2025
Last Updated: January 1, 2025
1. Introduction
DIGIMEDIX LLC ("DigiMedix," "we," "us," or "our") is committed to protecting the privacy and security of your personal health information (PHI) and personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information in compliance with the Health Insurance Portability and Accountability Act (HIPAA), state healthcare privacy laws, and other applicable regulations.
As a healthcare technology solutions provider, we understand the critical importance of maintaining the confidentiality, integrity, and availability of protected health information. This policy applies to all services provided by DigiMedix, including medical billing, coding, transcription, revenue cycle management, and related healthcare administrative services.
2. HIPAA Compliance and Business Associate Obligations
DigiMedix operates as a Business Associate under HIPAA and maintains strict compliance with all applicable provisions of the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule. We:
- Execute Business Associate Agreements (BAAs) with all covered entities
- Implement administrative, physical, and technical safeguards to protect PHI
- Limit access to PHI to authorized personnel only
- Maintain audit logs of all PHI access and modifications
- Report any suspected breaches within required timeframes
- Provide breach notification to affected parties as required by law
3. Information We Collect
3.1 Protected Health Information (PHI)
We may collect and process PHI on behalf of our clients, including but not limited to:
- Patient demographic information
- Medical records and clinical documentation
- Diagnostic codes and procedure codes
- Insurance information and billing data
- Treatment and payment information
- Audio recordings for transcription services
3.2 Business Information
- Contact information of healthcare providers and staff
- Business communications and correspondence
- Service usage and performance metrics
- Technical information for system optimization
4. How We Use Information
We use collected information solely for the purposes specified in our Business Associate Agreements and as permitted by HIPAA:
- Healthcare Operations: Medical billing, coding, transcription, and revenue cycle management
- Quality Assurance: Monitoring and improving service quality and accuracy
- Compliance: Meeting regulatory requirements and audit obligations
- Security: Protecting against unauthorized access and data breaches
- Business Operations: Managing client relationships and service delivery
5. Information Sharing and Disclosure
We do not sell, trade, or otherwise transfer PHI or personal information to third parties except as follows:
- Authorized Disclosures: As directed by our clients or as permitted by BAAs
- Legal Requirements: When required by law, court order, or regulatory authority
- Business Associates: To vetted subcontractors under appropriate agreements
- Emergency Situations: To prevent serious harm to individuals or public health
6. Data Security Measures
We implement comprehensive security measures including:
Technical Safeguards:
- 256-bit SSL/TLS encryption
- Multi-factor authentication
- Regular security updates
- Intrusion detection systems
- Secure data transmission protocols
Administrative Safeguards:
- Employee background checks
- HIPAA training programs
- Access control policies
- Incident response procedures
- Regular compliance audits
7. Data Retention and Disposal
We retain information only as long as necessary for business purposes and legal requirements:
- PHI is retained according to client specifications and legal requirements
- Business records are maintained for minimum regulatory periods
- Secure disposal methods are used for all data destruction
- A certificate of destruction is provided upon request
8. Individual Rights
Individuals have the following rights regarding their PHI:
- Access: Right to access their PHI in our possession
- Amendment: Right to request amendments to their PHI
- Restriction: Right to request restrictions on use and disclosure
- Accounting: Right to an accounting of disclosures
- Breach Notification: Right to be notified of breaches affecting their PHI
Requests should be directed to the covered entity that originally provided the PHI to DigiMedix.
9. Breach Notification
In the event of a suspected or confirmed breach of PHI, we will:
- Notify affected covered entities within 60 days of discovery
- Provide detailed breach assessment and mitigation steps
- Cooperate with covered entities in patient notification requirements
- Report to the Department of Health and Human Services as required
- Implement additional safeguards to prevent future incidents
10. International Data Transfers
DigiMedix operates globally with delivery centers in the United States, Canada, and India. All international data transfers are conducted with appropriate safeguards:
- Encrypted transmission channels for all data transfers
- Contractual data protection obligations for international staff
- Compliance with applicable international privacy laws
- Regular audits of international operations
11. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify clients of material changes through appropriate channels and post the updated policy on our website with the effective date.
12. Contact Information
For questions about this Privacy Policy or to report privacy concerns:
Company: DIGIMEDIX LLC
Address: 971 US Highway 202N, Suite R, Branchburg, New Jersey 08876
Phone: 800-845-6504
Privacy Officer: privacyofficer@digimedix.net
