Privacy Policy

Privacy Policy

Zechion Med operates the website zechionmed.com and is committed to protecting your privacy and personal information in accordance with applicable U.S. federal and state law.

This Privacy Policy explains how we collect, use, disclose, and safeguard information, including information provided through our website, contact forms, and other digital interactions.

Introduction

Zechion Med provides medical coding, billing, claims processing, and related revenue cycle management services to healthcare providers in the United States. These services require the handling and transmission of Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Zechion Med acts as a HIPAA Business Associate when providing such services and is subject to specific federal privacy and security requirements.

Scope and Audience: This Privacy Policy applies to information collected from:

  • Website visitors (including prospective clients and general users)
  • Non-PHI information provided through web forms, analytics, and digital engagement.

Note on HIPAA / PHI:

Information about our handling of PHI and privacy practices related to PHI is governed exclusively by Business Associate Agreements (“BAAs”) executed with each healthcare provider client and is not detailed in this public website policy. Each BAA governs the use and disclosure of PHI under HIPAA.

Information We Collect

Non-PHI Data Collected via Website

We may collect non-PHI personal information that you voluntarily provide or that is automatically collected via website technologies, such as:

Voluntarily Provided:

  • Contact form data (name, email address, company, phone number)
  • Inquiry emails or messages
  • Newsletter subscription preferences

Automatically Collected:

  • IP address
  • Browser type and version
  • Usage data (pages visited, time spent)
  • Device identifiers

This information alone does not constitute PHI under HIPAA because it is not derived from health treatment or billing data.

Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies to collect information about your interaction with our website. These technologies may be categorized as:

  • Necessary Cookies: Required for site functionality.
  • Analytics Cookies: Help us understand usage patterns.
  • Marketing / Third-Party Cookies: Only used with your consent.

We provide a cookie banner or preference center to obtain user consent where required by law. Users may change cookie preferences at any time via browser settings or the preference center.

How We Use Information

We use collected information for:

  • Responding to inquiries and client communication
  • Marketing and business development
  • Website improvement and analytics
  • Compliance with applicable laws and regulations
  • Detecting and preventing fraud or security incidents

We do not use or share PHI for marketing purposes.

Data Sharing & Disclosure

We may share non-PHI data with the following categories of third parties:

  • Service Providers: Web hosting, CRM systems, email marketing platforms, analytics vendors
  • Legal and Compliance: Where required by court order, subpoena, or law enforcement request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

PHI Handling:

PHI is not shared on the website and is not used for analytics or marketing. Disclosure and use of PHI are strictly governed by BAAs with healthcare providers.

Data Security

We implement appropriate administrative, physical, and technical safeguards to protect information. These include:

  • Encryption of data in transit and at rest
  • Access control measures and role-based access
  • Regular audits, monitoring, and security reviews
  • Secure transmission protocols (e.g., TLS) for web forms and data capture

We regularly review security practices to maintain compliance with HIPAA and industry standards.

User Rights (Non-PHI)

Depending on your state of residence, you may have rights over your personal information:

Federal and State Rights

  • Access / Correction / Deletion: Request access or deletion of your non-PHI data.
  • Opt-Out: Opt-out of the sale or sharing of your personal information.
  • Non-Discrimination: We do not discriminate against users who exercise their privacy rights.

This includes rights under:

  • California Consumer Privacy Act (CCPA/CPRA) – right to know, delete, opt-out of sale/sharing, correct.
  • Virginia Consumer Data Protection Act (VCDPA)
  • Colorado Privacy Act (CPA)
  • Other state privacy laws as applicable

To exercise rights, contact us via the contact information in Section 9.

International Data Transfers

Our website is hosted in the U.S., and we may transfer information to service providers who operate in the U.S. or internationally to support business operations under appropriate safeguards.

Policy Updates

We may revise this Privacy Policy to reflect changes in legal requirements or business practices. We will update the “Last Updated” date and, when required, notify users of significant changes.

Contact Information

For questions regarding this policy or to exercise privacy rights, contact:

Zechion Med
Email: info@zechionmed.com
Address: 501 Silverside Road, Suite 105 Wilmington, DE 19809