Medionics Privacy Policy
Last Updated: March 10, 2026
Introduction and Scope
Medionics (“we,” “us,” or “our”) is committed to protecting the privacy and security of the information we collect. This Privacy Policy describes how we collect, use, and protect personal and health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA), the Texas Medical Privacy Act, and other applicable U.S. federal and state laws.
Information We Collect
As a Business Associate to healthcare providers, we collect information necessary to perform Revenue Cycle Management (RCM) and administrative tasks, including:
1. Protected Health Information (PHI): Patient names, dates of birth, social security numbers, insurance details, and clinical documentation.
2. Provider Information: NPI numbers, tax IDs, credentialing documents, and professional history.
3. Usage Data: IP addresses, browser types, and interaction data with our AI-driven dashboards to ensure system security and performance.
How We Use Your Information
We use the collected data strictly for the following purposes:
1. Revenue Optimization: Processing claims, assigning medical codes via AI/NLP, and managing denials.
2. Compliance & Reporting: Tracking MIPS/MACRA performance and quality outcomes.
3. Administrative Support: Verifying patient eligibility and managing provider credentialing.
4. System Security: Monitoring for unauthorized access and maintaining the integrity of our AI platforms.
HIPAA & Data Security Standards
We implement industry-leading security measures that meet or exceed the 2025 HIPAA Security Rule requirements:
1. Encryption: All data is encrypted using AES-256 at rest and TLS 1.3 in transit.
2. Access Control: Strict Multi-Factor Authentication (MFA) is required for all system access.
3. Audit Logs: We maintain immutable logs of all access to PHI to ensure full traceability.
4. Data Residency: All PHI is stored on secure, HIPAA-compliant servers located within the United States.
Disclosure of Information
We do not sell, rent, or trade your information. Disclosure is limited to:
1. Healthcare Payers: Submitting claims to insurance companies for reimbursement.
2. Legal Requirements: When required by law, such as in response to a subpoena or federal audit.
3. Authorized Business Partners: Sub-contractors who have signed a Business Associate Agreement (BAA) and meet our strict security standards.
Your Rights (Texas & Federal Law)
Under HIPAA and the Texas Medical Privacy Act, you and your patients have the right to:
1. Access: Request a copy of the electronic health records we maintain.
2. Amendment: Request corrections to inaccurate information.
3. Accounting of Disclosures: Receive a report of who has accessed or received your PHI for purposes other than treatment, payment, or healthcare operations.
Data Breach Notification
In the event of a suspected or confirmed data breach, Medionics follows a strict 24-hour internal investigation protocol. We will notify affected clients and relevant federal authorities (OCR/HHS) in accordance with the timelines mandated by the HIPAA Breach Notification Rule.
Modifications to Terms
We reserve the right to update these terms to reflect evolving federal and commercial regulatory frameworks. Continued use of our services following such changes constitutes your acceptance of the new terms.