Privacy Policy
At Rapid Claims ("Rapid Claims", "we", "us", or "our"), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect information in relation to our services.
What Does This Privacy Policy Cover?
This Privacy Policy describes Rapid Claims’ treatment of clients’ data gathered when you upload the charts on our portal, but not the practices of companies we don’t own or control or people that we don’t manage.
Data Hosting and Infrastructure
- AWS Cloud Hosting: All data is hosted on secure AWS cloud servers located in the United States, leveraging AWS’s advanced security features.
- Data Storage Location: We ensure that all patient data is stored exclusively within US borders, complying with national data protection regulations.
Network Security
- Private VPC Network: Our services operate within a private VPC network, offering enhanced security against external threats.
- Firewalls and Intrusion Detection Systems: Robust firewalls and state-of-the-art intrusion detection systems safeguard our network 24/7.
Data Management and Privacy
- Data Collection: We collect necessary patient chart data exclusively for billing purposes, adhering to privacy best practices.
- Data Sharing and Third Parties: Data is never shared with any third party. Internally, only concerned members have access to data.
Compliance and Standards
HIPAA Compliance: Currently holding a provisional HIPAA certificate, with full certification expected shortly. We are also SOC2 and ISO certified.
Data Security Measures
- Access Controls: Strict role-based access controls are enforced to ensure that only authorized personnel access sensitive data.
- Endpoint Security: All employees have endpoint protection software installed that safeguards against any ill usage.
Data Breach Response Plan
Incident Response Plan: A comprehensive incident response plan is in place for prompt and effective handling of any data breaches.
Client Data Handling
- Data Download and Usage: Clients downloading data for offline use must adhere to prescribed security guidelines to maintain data integrity. No PHI data enters our models and it goes strictly against the HIPAA policy.
- Data handling on the portal: Once the data is uploaded on the portal it cannot be downloaded. Only the chart IDs and their ICD and CPT codes would be available for the downloads.
- Endpoint Security: All employees have endpoint protection software installed that safeguard against any ill usage.