This policy summarizes how we handle information in the service. Covered entities and business associates should execute appropriate agreements (including a Business Associate Agreement where required) and consult qualified counsel.
Account and practice information you provide (for example name, contact, NPI, credentials, billing with our payment processor). Claim and patient-related data you enter or upload for billing operations. Technical data such as IP address, timestamps, and audit logs for security and troubleshooting.
To provide and improve the platform (claims, EDI, appeals, notifications), authenticate users, process subscriptions, comply with law, and protect the service. We do not sell your personal information.
Where the service processes PHI, we implement administrative, physical, and technical safeguards appropriate to our role. Email and SMS alerts are designed to minimize PHI in message content.
We use subprocessors (for example hosting, email delivery, payments, clearinghouse connectivity) as needed to operate the service. Those relationships are governed by contracts appropriate to the services provided.
We retain data as needed to provide the service and meet legal obligations. Access is limited to authorized personnel and systems; you are responsible for safeguarding your account credentials.
Contact us to access, correct, or delete certain information where applicable. Some requests may be limited by law or legitimate business needs (for example billing records).
We may update this policy; the “Last updated” date will change. Continued use after changes constitutes acceptance of the updated policy.
Questions: use the support channel listed on claimflowpay.com or your account correspondence.