top of page

Battle Health Consulting Privacy Policy

Effective Date: May 25, 2024

Welcome to Battle Health Consulting’s Privacy Policy

1. Please read carefully

Battle Health ("we," "us," or "our") respects the privacy of our website visitors and customers ("you" or "your"). This Privacy Policy ("Privacy Policy") describes the types of information we collect from and about you when you visit our website battlehealthconsulting.com (the "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

2. What ‘Personal Information’ do we collect?

2.1. In the course of providing our revenue cycle management consulting services, we may collect certain Protected Health Information (PHI) about your patients. This PHI may include:

  • Demographic information: Names, addresses, dates of birth, phone numbers.

  • Medical information: Diagnoses, treatment records, medication lists, allergies.

  • Health insurance information: Policyholder names, member IDs, insurance plan details.

How Do We Use Your Information?

We use the PHI we collect for several purposes related to our services, all in accordance with HIPAA regulations. These purposes may include:

  • Providing Consulting Services: We may analyze your patients' PHI to identify areas for improvement in your revenue cycle management practices.

  • Ensuring Accurate Billing: We may use PHI to verify patient information for accurate medical billing.

  • Improving Healthcare Delivery: We may use de-identified data to analyze trends and identify opportunities to improve the overall quality of healthcare services.

Your Rights Regarding Your Information

HIPAA grants you certain rights regarding your patients' PHI. These rights include:

  • Right to Access: You have the right to access and copy your patients' medical records we maintain.

  • Right to Amend: You have the right to request amendments to your patients' inaccurate or incomplete medical records in our possession.

  • Right to Request Restrictions: You can request restrictions on how we use or disclose your patients' PHI.

  • Right to Request an Accounting of Disclosures: You have the right to request a list of instances where we have disclosed your patients' PHI.

We will provide you with more information on how to exercise these rights upon request.

Disclosure of Information

We will only disclose your patients' PHI to third parties as permitted by HIPAA regulations. This may include:

  • Disclosures for Treatment, Payment, and Healthcare Operations: We may disclose PHI to healthcare providers involved in your patients' care, billing companies, or for healthcare quality improvement activities.

  • Disclosures Required by Law: We may disclose PHI when required by law, such as for public health purposes or law enforcement investigations.

We will never sell or share your patients' PHI for marketing purposes.

Data Security

We take the security of your patients' PHI very seriously. We have implemented robust security measures to protect PHI, both electronically and physically. These measures include:

  • Encryption: We utilize industry-standard AES-256 encryption to protect all PHI stored electronically, both at rest and in transit.

  • Access Controls: Only authorized personnel with a "need-to-know" are granted access to PHI. We employ access controls such as password protection and user authentication protocols.

  • Regular Audits & Training: We conduct regular security audits to identify and address any vulnerabilities. We also provide ongoing training to our employees on HIPAA regulations and best practices for protecting PHI.

  • Physical Security: We maintain physical safeguards to protect PHI, such as restricting access to server rooms and implementing security measures for workstations that handle PHI.

  • Incident Response: We have a comprehensive incident response plan in place to address any potential security breaches involving PHI. This plan includes procedures for identifying, containing, and reporting any incidents.

2.2. User information:

To provide you the Services, we must collect Personal Information relating to an identified or identifiable natural person (“Personal Information”). We collect Personal Information you provide us, from your use of the Services, and from other sources. Here are the types of Personal Information we collect about you:

  1. Information you provide us. When you register for our Services, sign up for any Battle Health Consulting events, subscribe to our blog(s) or newsletter(s), purchase and/or register domain names, use any of our Services; and/or when you contact us directly by any communication channel (e.g., Battle Health Consulting’s support tickets, emails), you may provide us Personal Information, such as name, email address, phone number, payment information (for Users with Paid Services), information you include in your communications with us and with other users on our platform, and Personal Information contained in scanned identification documents (such as an ID card, driver’s license, passport, or official company registration documents).  

  2. Information we collect when you use the Services. When you visit, download, and/or use any of our Services, we may collect aggregated usage Personal Information, such as Visitors’ and Users’ browsing and ‘click-stream’ activity on the Services, session heatmaps and scrolls, non-identifying Personal Information regarding the Visitor’s or User’s device, operating system, internet browser, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, etc.

  3. Information we collect from other sources. We may receive Personal Information about you from third-party sources, such as i) security providers , fraud detection and prevention providers for example to help us screen out users associated with fraud, ii) social media platforms, when you log-in or sign-up using your social media account, we may receive Personal Information from that service (e.g., your username, basic profile Personal Information) and in some cases, we may collect Personal Information from lead enhancement companies which help us to improve our service offering; iii) advertising and marketing partners in order to monitor, manage and measure our ad campaigns.

2.3. Users of users ‘Personal Information’

We may also collect Personal Information pertaining to visitors and users of our User’s websites or services (“Users-of-Users”), solely for and on our Users’ behalf.

3. Why do we collect such ‘Personal Information’

We use your Personal Information for the following purposes:

  1. To provide and operate the Services;

  2. .To further develop, customize, expand, and improve our Services, based on Users’ common or personal preferences, experiences and difficulties;

  3. To provide our Users with ongoing customer assistance and technical support;

  4. To be able to contact our Users with general or personalized service-related notices and promotional messages;

  5. To help us to update, expand and analyze our records to identify new customers;

  6. To facilitate, sponsor, and offer certain contests, events, and promotions, determine participants’ eligibility, monitor performance, contact winners, and grant prizes and benefits;

  7. To analyze our performance and marketing activities;

  8. To create aggregated statistical data and other aggregated and/or inferred information, which we or our business partners may use to provide and improve our respective services;

  9. To provide you with professional assistance.

  10. To enhance our data security and fraud prevention capabilities; and

  11. To comply with any applicable laws and regulations.
     

We use your Personal Information for the purposes set out in Section 3 where:

  1. Our use of your Personal Information is necessary to perform a contract or to take steps to enter into a contract with you (e.g. to provide you with a website builder, to provide you with our customer assistance and technical support);

  2. Our use of your Personal Information is necessary to comply with a relevant legal or regulatory obligation that we have; or

  3. Our use of your Personal Information is necessary to support legitimate interests and business purposes (for example, to maintain and improve our Services and the effectiveness of Battle Health Consulting by identifying technical issues), provided it is conducted in a way that is proportionate and that respects your privacy rights.

4. How we share your ‘Personal Information’

We understand that you trust us with your personal information, and we take that responsibility seriously. We will only share your Personal Information in the following ways:

4.1. Service Providers: We may share your Personal Information with third-party service providers who help us operate the Website and provide our services. These service providers are contractually obligated to:

  • Keep your information confidential.

  • Use your information only for the purposes we have authorized.

  • Comply with applicable data privacy regulations.

4.2. Legal Requirements: We may disclose your Personal Information if we are required to do so by law or in the good faith belief that such disclosure is necessary to:

  • Comply with a court order, subpoena, or other legal process served on us.

  • Protect and defend our rights or property.

  • Prevent or investigate potential wrongdoing in connection with the Website.

4.3. Business Transfers: In the event of a business transfer, such as a merger, acquisition, or asset sale, we may transfer your Personal Information to the successor or new owner. We will notify you of any such transfer and provide you with an opportunity to opt-out of the transfer.

We will never share your Personal Information with third-party marketing companies without your prior consent.

4.4. Upon Your Further Direction: The Battle Health Consulting Services enable you, through different techniques, to engage and procure various third party services, products and tools for enhancing your web or mobile sites, including, without limitation, applications and widgets offered to you by third parties through the Battle Health Consulting Website, eCommerce payment providers, third party designers who may assist you with your website, etc. (collectively, “Third Party Services”). If you choose to engage with such Third Party Services, they may have access to and process Personal Information of your Users-of-Users collected through your web or mobile sites. For example:

a) Framed Pages: our Services may enable you to integrate Third Party Services directly into your web or mobile sites, such as via page framing techniques to serve content to or from Third Party Services  or other parties (“Frames”). In these circumstances, the Third Party Services may collect Personal Information from your Users-of-Users.

b) Social Media Features: Our Services may enable you to integrate certain Social Media features, widgets, and single sign on features, such as “Facebook Connect,” or “Google Sign-in” (“Social Media Features”) into your web or mobile sites. These Social Media Features may collect certain Personal Information from your Users-of-Users such as identifiers, including name, alias, unique personal identifier, online identifier, internet protocol address, email address, or other similar identifiers. Social Media Features are hosted either by a third party or directly on our Services.

 

Please note that in the examples listed above in this Section 4.6, Battle Health Consulting merely acts as an intermediary platform allowing you to procure the services of such Third Party Services (including, but not limited to, Third Party Developers, Third Party Apps and Social Media Features) with which you are interacting directly, and at your discretion. In this respect, Battle Health Consulting acts as a service provider to you, disclosing information to the Third Party Services on your behalf. Battle Health Consulting will share your Users-of-Users’ Personal Information with Third Parties Services only upon your direction or with your permission and is not, and shall not be, in any way responsible for such Third Party Services processing of such Personal Information, or liable with respect thereto.

 

Battle Health Consulting does not control and is not responsible for the actions or policies of any Third Party Service, and your use of any Third Party Service is at your own risk. We encourage you to review any privacy policy accompanying a Third Party Service and ask such Third Party Service for any clarifications you may need before deciding to install and/or use their services.

5. Data Security:

We use commercially reasonable measures to protect your information from unauthorized access, disclosure, alteration, or destruction. However, no website or internet transmission is completely secure, and we cannot guarantee the security of your information.

6. Your Choices:

You can opt out of receiving marketing communications from us by following the unsubscribe instructions in those communications. You can also contact us at support@battlehealthconsulting.com to request access to, update, or delete your Personal Information.

7. Changes to this Privacy Policy:

We may update this Privacy Policy from time to time. We will post any changes to this Privacy Policy on the Website.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

Contact Us:

info@battlehealthconsulting.com

8. Use of cookies and other third-party technologies

We and our Third Party Service Providers use cookies and other similar technologies (“Cookies”) in  order for us to provide our Service and ensure that it performs properly, to analyze our performance and marketing activities, and to personalize your experience.

You can learn more about how we use cookies and similar technologies and how you can exercise control over them in our Cookie Policy.

Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.

9. Data retention

We may retain your Personal Information (as well as your Users-of-Users’ Personal Information) for as long as your User Account is active, as indicated in this Privacy Policy, or as otherwise needed to provide you with our Services.

We may continue to retain your Personal Information after you deactivate your User Account and/or cease to use any particular Services, as reasonably necessary to comply with our legal obligations, to resolve disputes regarding our Users or their Users-of-Users, prevent fraud and abuse, enforce our agreements and/or protect our legitimate interests.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.

10. Security

Battle Health Consulting has implemented security measures designed to protect the Personal Information you share with us, including physical, electronic and procedural measures. Among other things, we offer HTTPS secure access to most areas on our Services; the transmission of sensitive payment information (such as a credit card number) through our designated purchase forms is protected by an industry standard SSL/TLS encrypted connection; and we regularly maintain a PCI DSS (Payment Card Industry Data Security Standards) certification. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways and Third Party Services for further enhancing the security of our Services and protection of our Visitors’ and Users’ privacy.

Regardless of the measures and efforts taken by Battle Health Consulting, we cannot and do not guarantee the absolute protection and security of your Personal Information, your Users-of-Users’ Personal Information or any other information you upload, publish or otherwise share with Battle Health Consulting or anyone else. We encourage you to set strong passwords for your User Account and User Website, and avoid providing us or anyone with any sensitive Personal Information of which you believe its disclosure could cause you substantial or irreparable harm.

Furthermore, because certain areas on our Services are less secure than others (for example, if you set your Support forum ticket to be “Public” instead of “Private”, or if you browse to a non-SSL page), and since e-mail and instant messaging are not recognized as secure forms of communications, we request and encourage you not to share any Personal Information on any of these areas or via any of these methods.

If you have any questions regarding the security of our Services, you are welcome to contact us here.

11. Third-party websites

Our Services may contain links to other websites or services. We are not responsible for such websites’ or services’ privacy practices. We encourage you to be aware when you leave our Services and to read the privacy statements of each and every website and service you visit before providing your Personal Information. This Privacy Policy does not apply to such linked third party websites and services.

12. Public forums and user content

Our Services offer publicly accessible blogs, communities and support forums. Please be aware that any Personal Information you provide in any such areas may be read, collected, and used by others who access them. To request removal of your Personal Information from our blogs, communities or forums, feel free to contact us here. In some cases, we may not be able to remove your Personal Information from such areas. For example, if you use a third party application to post a comment (e.g., the Facebook social plugin application) while logged in to your related profile with such third party, you must login into such application or contact its provider if you want to remove the Personal Information you posted on that platform. 

In any event, we advise against posting any Personal Information (via any means) you don’t wish to publicize.

If you upload any user content to your User Account or post it on your User Website and provide it in any other way as part of the use of any Service, you do so at your own risk.

We have put adequate security measures in place to protect your Personal Information.  However, we cannot control the actions of other Users or members of the public who may access your User Content, and are not responsible for the circumvention of any privacy settings or security measures you or we may have placed on your User Website (including, for instance, password-protected areas on your User Website). You understand and acknowledge that, even after its removal by you or us, copies of User Content may remain viewable in cached and archived pages or if any third parties (including any of your Users-of-Users) have copied or stored such User Content. To clarify, we advise against uploading or posting any information you do not wish to be public.

Additional Information for U.S. State Residents

This section of our Privacy Policy details what Personal Information we collect about you under U.S. applicable privacy laws and regulations, the sources of the Personal Information, the purposes of use and disclosure, and the categories of third parties that may receive that Personal Information. The information in this section applies to you if you are a U.S. resident in a state with an applicable privacy law or regulation.

Please read this section in combination with the other sections of this Privacy Policy for a complete understanding of how we collect, use, and disclose your personal information.

  • Right to Correct Inaccurate Personal Information: You have the right to request that we correct inaccurate personal information about you. Some personal information can be directly changed or corrected by you through our apps and websites.

    • For any questions, you can reach out to us using the method described in this Privacy Policy
       

  • Right to Opt Out of the Sale of Your Personal Information: You can tell us not to "sell" your personal information according to applicable law, even though we don't technically sell your information in the traditional sense. We may share certain categories of Personal Information with our Third Party Service Providers. However,  the current regulation uses a very broad (and somewhat scary) definition of “Sale”."

  • Right to Limit Use of Your Personal Information for Targeted Advertising (defined in California as “Sharing”): You can ask us not to use or disclose your personal information for targeted advertising. Just click on our Do Not Sell or Share My Personal Information link below. You also can use the Global Privacy Control to signal your opt-out preference. To learn more about the GPC please visit https://globalprivacycontrol.org.

Categories of Information:

In the last 12 months, we collected the following categories of personal information (the same categories we collect from all users globally):
 

  • Personal and online identifiers

  • Commercial and transactions information

  • Record-keeping information

  • Internet or other electronic network activity information

  • Non-precise Geolocation data (IP address, only)

  • Audio, electronic, visual, or similar information

  • Inferences drawn from the above information

Sources of Information

We collect Personal Information:

  • You provide us when you register for our Services, sign up for any Battle Health Consulting events, subscribe to our blog(s) or newsletter(s), purchase and/or register domain names, use any of our Services; and/or when you contact us directly by any communication channels
     

  • When you use the Services by visiting, downloading, and/or using any of our Services.
     

  • From third-party sources, such as security providers, fraud detection services, social media platforms, lead enhancement companies, advertising and marketing partners.

Disclosure of Information for Business Purposes:

In the past 12 months, we may have disclosed each of the categories of personal information listed above to our affiliates, Third Party Service Providers, social media platforms, advertising partners, analytics partners, and promotional partners.

Sales or Sharing of Your Information:

Note: for sure, we're not out there auctioning off your data to the highest bidder.
We may have "sold" (using that rather broad and dramatic term as defined by U.S. privacy laws and regulations) or shared the categories of Personal Information listed above in the past 12 months to our affiliates, Third Party Service Providers, promotional partners, advertising partners, analytics partners, and social media platforms.

Battle Health Consultant does not knowingly collect, use, sell or share the Personal Information of children under the age of 16.

Sensitive Personal Information:

We may process Sensitive Personal Information in accordance with applicable laws and do not use or disclose Sensitive Personal Information in any way that would require us to provide an opt-out opportunity under the applicable laws.

Retention of Information:

We retain your Personal Information for the time period reasonably necessary to achieve the purposes described in this Privacy Policy, or any other notice provided at the time of collection.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.

bottom of page