Privacy Policy for Auth-Hero

Effective Date: 9/30/2024

Last Updated: 9/30/2024

Welcome to Auth-Hero. Your privacy is critically important to us. This Privacy Policy describes how Auth-Hero ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our website and mobile application (collectively, the "Services"). We comply with the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the General Data Protection Regulation (GDPR), and other applicable privacy laws.

By using our Services, you consent to the practices outlined in this policy. If you do not agree with this policy, please do not use our Services.

1. Information We Collect

We collect the following types of information:

a. Personal Information

  • Account Information: Name, email address, username, and password when creating an account.
  • Health-Related Data: Patient information such as names, demographics, medical records, diagnoses, insurance adjustor details, and clinic details, which are collected to facilitate Requests for Authorization (RFAs).

b. Technical and Analytical Data

  • Usage Data: Information about how you use our Services, including IP addresses, browser types, device types, and referring URLs.
  • Google Analytics: We use Google Analytics and other tracking technologies to understand user interactions and improve our Services. This includes the use of cookies to collect anonymous data.

c. CAPTCHA

We use Google's Invisible reCAPTCHA to protect against fraud and abuse. Invisible reCAPTCHA collects hardware and software information, such as device and application data, and this information is subject to Google's Privacy Policy and Terms of Use.

2. How We Use Your Information

  • Service Delivery: To process RFAs, communicate with healthcare providers, insurance adjustors, and clinics.
  • Compliance with Laws: To ensure compliance with HIPAA and other privacy regulations.
  • Improvement of Services: To analyze user behavior through Google Analytics and similar tools to improve our Services.
  • Security: To detect and prevent fraud, secure accounts, and protect against abuse.
  • Legal Obligations: To respond to legal requirements and protect our legal rights.

3. Sharing and Disclosure of Information

We do not sell your personal data. We may share your data in the following circumstances:

  • With Service Providers: We may share information with third-party service providers to help operate our Services (e.g., cloud storage, analytics, payment processors).
  • Legal Compliance: We may disclose your personal information if required by law or to protect the rights, property, or safety of our users or others.
  • With Your Consent: We may share your information with third parties when you provide explicit consent.

4. Data Security

We take the security of your personal information seriously. Auth-Hero implements industry-standard encryption (including TLS) to protect sensitive data, such as patient medical records, and access to our Services is restricted to authorized personnel.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal and regulatory obligations.

6. Your Privacy Rights

a. HIPAA Rights

As a healthcare service provider, Auth-Hero complies with HIPAA. You have the right to access and control your health information.

b. CCPA/CPRA Rights (California Residents)

If you are a California resident, you have the following rights under CCPA and CPRA:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Delete: Request that we delete your personal information.
  • Right to Opt-Out of Sales: Request that we do not sell your personal information (we do not sell your data).

c. GDPR Rights (European Union Residents)

If you are a resident of the European Union, you have the following rights under GDPR:

  • Right to Access: Obtain a copy of your personal data.
  • Right to Rectification: Request corrections to your personal data.
  • Right to Erasure: Request the deletion of your personal data under certain conditions.
  • Right to Data Portability: Request a copy of your data in a machine-readable format.

d. How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@auth-hero.com. We will respond to your request in accordance with applicable law.

7. Third-Party Analytics and Cookies

We use cookies and third-party tools like Google Analytics to collect anonymous information about how our Services are used. You can manage cookies through your browser settings.

For more information on how Google Analytics collects and processes data, please refer to Google's Privacy Policy.

8. Children's Privacy

Auth-Hero does not knowingly collect personal information from individuals under 18 without parental consent. If we discover that we have collected such information, we will take steps to delete it.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be effective upon posting the revised policy. We encourage you to review this policy regularly.

10. Contact Information

If you have any questions or concerns regarding this Privacy Policy or your data rights, please contact us at:

Auth-Hero

Email: privacy@auth-hero.com

Address: 5960 South Land Park Drive #824
Sacramento, CA 95822