Effective Date: July 1, 2025 Last Updated: July 1, 2025 Introduction Medtel ("we," "our," or "us") is committed to protecting the privacy and security of your information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal and protected health information (PHI), in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and SOC 2 Type II standards. Information We Collect We may collect the following types of information:
Personal Identifiable Information (PII): name, email, phone number, address, etc.
Protected Health Information (PHI): medical history, treatment details, patient identifiers
Technical Information: IP address, browser type, device identifiers, usage data
Account & Billing Information: payment history, insurance details (if applicable) How We Use Your Information We use your information for:
Providing and managing healthcare coordination services
Facilitating billing, insurance, and administrative tasks
Complying with legal and regulatory obligations
Enhancing security, reliability, and user experience of our platform
Internal analytics and service improvement Legal Basis for Processing We process your information based on:
Your consent (where applicable)
Fulfillment of service contracts
Legitimate interest in improving our operations
Compliance with legal or regulatory obligations Sharing and Disclosure of Information We may share your information with:
Authorized employees and contractors under confidentiality agreements
Business Associates who have signed HIPAA-compliant Business Associate Agreements (BAAs)
Third-party service providers (i.e. Azure, analytics tools)
Legal authorities when required by law or court order We do not sell or share your information for marketing purposes without your consent. Data Security Measures We implement strong safeguards, including:
Encryption of data at rest and in transit
Role-based access control and multi-factor authentication
Continuous monitoring and threat detection
Security and privacy controls audited under SOC 2 Type II Data Retention and Deletion We retain your information only as long as necessary to fulfill the purposes outlined in this policy and comply with applicable legal and regulatory requirements. Secure deletion and disposal processes are in place once data is no longer needed. Your Rights As a data subject or patient, you have the right to:
Access and obtain a copy of your PHI
Request corrections to inaccurate information
Request restrictions on certain uses or disclosures
Receive an accounting of disclosures
Withdraw consent (where applicable) To exercise these rights, contact us at: security@medtel.com Cookies and Tracking Technologies Our website may use cookies and similar technologies for functionality and analytics. You can control your preferences through your browser settings
