Privacy Policy

1. Scope of This Privacy Policy

This Privacy Policy explains how CareMedox LLC ("CareMedox," "we," "our," or "us") collects, uses, discloses, protects, and retains information through CareMedox.com, our public website forms, online communications, contact requests, referral inquiries, career inquiries, and related website features.

This Privacy Policy is intended for website visitors, prospective clients, healthcare providers, office managers, practice managers, billing managers, referral partners, job applicants, and other business contacts who interact with CareMedox through public website channels.

When CareMedox provides services to a healthcare provider, practice, covered entity, or other regulated organization under a signed client agreement and Business Associate Agreement ("BAA"), the privacy, security, permitted-use, disclosure, retention, and return/destruction obligations for protected health information may be governed by that signed agreement and applicable HIPAA requirements. If a signed agreement conflicts with this website Privacy Policy, the signed agreement should control for that client relationship.

2. Information We Collect

2.1 Business Contact and Inquiry Information

When you complete a form, request a consultation, contact us, use the website chat, or communicate with CareMedox, we may collect information such as:

• Name;
• Practice name, company name, or organization name;
• Professional role or title;
• Email address and phone number;
• State, city, specialty, payer or software interest, and practice type;
• Preferred contact time;
• General billing, RCM, credentialing, denial, AR, eligibility, authorization, referral, audit, or reporting issue;
• Referral program information, including referral source and referred business information; and
• Any other information you choose to provide.

2.2 Service-Related Business Information

For prospective or active clients, we may collect business-level information needed to evaluate service fit, prepare a proposal, schedule a consultation, assess billing workflow, or discuss RCM support. This may include specialty, provider count, approximate volume, current billing challenges, systems used, payer mix, software platforms, and administrative process details.

2.3 Career and Applicant Information

If you submit a career form or employment inquiry, we may collect applicant information such as name, contact details, experience, education, desired position, location, availability, and other information you submit as part of the application process.

2.4 Website and Technical Information

When you visit the website, we or our service providers may automatically collect technical information such as IP address, browser type, device type, pages visited, referral source, approximate location based on IP address, time spent on pages, form interaction data, and other analytics or log information.

3. Protected Health Information and Public Website Forms

CareMedox public website forms and chat features are intended to collect business inquiry information only. They are not intended for patient-specific protected health information ("PHI").

Please do not submit patient names, dates of birth, insurance member IDs, medical record numbers, diagnosis details, claim numbers tied to a patient, or other patient-specific information through public website forms, public chat, or general website inquiry fields.

Provider details, practice information, business contact information, specialty information, software information, and general billing issue descriptions are usually business information, not patient PHI. However, any patient-specific information should be shared only through approved secure channels after appropriate agreements are in place.

If patient PHI is inadvertently submitted through a public website feature, CareMedox may delete, restrict, redirect, or handle the information according to applicable law, internal security procedures, and any applicable client agreement or BAA.

4. How We Use Information

CareMedox may use collected information to:

• Respond to inquiries and consultation requests;
• Evaluate service fit and prepare proposals or service discussions;
• Schedule calls, meetings, billing reviews, audits, or follow-ups;
• Provide, manage, support, and improve services;
• Process referral program inquiries and referral partner communications;
• Review career applications and communicate with applicants;
• Send business, service, operational, or support communications;
• Improve website content, usability, analytics, and user experience;
• Protect website security, prevent fraud, troubleshoot issues, and enforce policies;
• Comply with legal, contractual, regulatory, audit, accounting, and recordkeeping obligations; and
• Perform other purposes described at the time of collection or permitted by law.

5. How We Share Information

CareMedox does not sell patient PHI. CareMedox does not use patient PHI for advertising. We may share business, website, or service-related information only as appropriate for the purposes described in this Privacy Policy, client agreements, BAAs, or applicable law.

We may share information with:

• Service providers and contractors who help operate our website, hosting, email, forms, analytics, communication tools, security, administrative systems, or business operations;
• Client-authorized platforms such as EHR/PMS systems, clearinghouses, payer portals, credentialing systems, secure storage systems, and communication systems used for approved services;
• Professional advisors such as attorneys, accountants, compliance consultants, auditors, or insurers;
• Government, legal, or regulatory authorities when required by law, subpoena, court order, audit, investigation, or legal process;
• Business transfer parties if CareMedox is involved in a merger, acquisition, financing, restructuring, or sale of assets, subject to appropriate safeguards; and
• Other parties with consent or direction from the client, visitor, referral partner, or applicant.

6. Cookies, Analytics, and Similar Technologies

CareMedox may use cookies, pixels, analytics tools, log files, and similar technologies to operate the website, remember preferences, measure site traffic, improve content, understand visitor behavior, protect security, and support marketing or performance analysis.

You may control cookies through your browser settings. Blocking cookies may affect website functionality or user experience. If CareMedox uses analytics or advertising tools in the future, this section should be reviewed and updated to identify relevant providers and opt-out options.

7. Security Measures

CareMedox uses administrative, technical, and physical safeguards designed to protect information appropriate to its sensitivity. These may include secure systems, encryption where appropriate, access controls, password-protected ZIP/RAR files when needed, confidentiality practices, HIPAA training, internal SOPs, and secure transfer procedures.

CareMedox is also building secure client portal workflows for client file exchange and management. Public website forms should not be used to submit patient PHI.

No website, email, server, system, file transfer method, or security process can be guaranteed to be completely secure. If you believe information submitted to CareMedox may have been accessed without authorization, contact us promptly.

8. Data Retention

CareMedox retains information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, provide services, respond to inquiries, manage referral or applicant records, comply with legal obligations, resolve disputes, maintain security, support audits, and enforce agreements.

Client files containing PHI may be retained according to the applicable service agreement, BAA, legal requirements, payer requirements, and internal retention policy. Where applicable and permitted, CareMedox may delete or securely dispose of older PHI-related client files after two years, unless a longer retention period is required by contract, law, payer requirements, dispute, audit, or client instruction.

Non-client website inquiry information may be retained for business follow-up, support, compliance, analytics, and recordkeeping purposes unless deletion is requested and legally permissible.

9. Your Choices and Privacy Rights

You may contact CareMedox to request access, correction, update, or deletion of business contact information you provided through the website, subject to verification, legal limits, and legitimate business or contractual retention requirements.

Depending on your location and applicable law, you may have additional privacy rights, such as the right to know what personal information is collected, request deletion, correct inaccurate information, limit certain uses, opt out of certain sharing, or receive information about disclosure practices.

To make a privacy request, contact us using the information below. We may need to verify your identity and authority before responding. We will not discriminate against you for exercising applicable privacy rights.

10. Email, Phone, and Marketing Communications

When you submit a form, request a consultation, contact us, or provide your contact information, you authorize CareMedox to contact you about your inquiry, services, scheduling, referral opportunities, support matters, or related business communications.

You may request to stop receiving non-essential marketing communications by contacting us or using any unsubscribe method provided. We may still send transactional, operational, legal, security, or service-related communications when necessary.

11. Data Processing Locations and Team Access

Information may be processed by CareMedox team members, contractors, vendors, and service providers in locations where CareMedox or its support teams operate, subject to confidentiality obligations, access controls, internal policies, applicable agreements, and security procedures.

Where a client agreement or BAA requires specific handling, storage, access, or transmission standards, those written requirements should control for the covered client relationship.

12. Security Incidents and Notifications

If CareMedox determines that a security incident, breach, or unauthorized disclosure requires notification under applicable law, a signed BAA, or other agreement, CareMedox will follow applicable contractual and legal notification procedures.

Website visitors should not use public forms or chat to submit emergency, clinical, or patient-specific information.

13. Children’s Privacy

This website is intended for adults, healthcare professionals, business contacts, referral partners, job applicants, and medical practice representatives. It is not directed to children under 13, and CareMedox does not knowingly collect personal information from children under 13 through this website.

14. Third-Party Links and Tools

The website may contain links to third-party websites or may use third-party tools for hosting, analytics, communication, forms, maps, security, or other business purposes. CareMedox is not responsible for the privacy practices, security, terms, or content of third-party websites or services.

15. Changes to This Privacy Policy

CareMedox may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last Updated" date. Continued use of the website after changes are posted means you acknowledge the updated Privacy Policy.