Home/Privacy

Privacy Policy

Last updated: May 2026

What we collect

When you submit our contact or audit-request form, we collect: your name, work email, phone, organization, annual revenue band, primary specialty, and any free-text message you send. When you call or email us, we keep transcripts and email threads for client-service purposes.

Our website uses Google Analytics 4 and Microsoft Clarity to understand traffic patterns. These tools collect anonymized usage data (pages viewed, time on page, scroll depth, referrer, device type) under their respective privacy policies. IP addresses are anonymized.

How we use it

  • To respond to your audit, sales, or partnership inquiry.
  • To send relevant RCM insights and case studies (only if you opt in, never automatic).
  • To improve our website and service offerings.

We do not sell, rent, or share your contact information with third parties for marketing purposes.

HIPAA & PHI

This website does not collect Protected Health Information (PHI). All client engagements involving PHI operate under a signed Business Associate Agreement (BAA) and our HIPAA Security and Privacy program (SOC 2 Type 2, ISO 27001 certified, HITECH compliant). PHI never crosses through this website's marketing forms.

Cookies

We use first-party cookies for session continuity and third-party analytics cookies (Google Analytics, Microsoft Clarity). You can disable cookies in your browser settings. Disabling cookies will not block access to any part of this site.

Data retention

Sales and marketing inquiries are retained in our CRM for 24 months unless you ask us to delete them sooner. Analytics data is retained per the 14-month default for GA4. PHI under client engagements follows your contract and applicable record-retention law (typically 7 years).

Your rights

You can request access, correction, or deletion of any personal information we hold about you by emailing [email protected]. If you are a California resident, you have additional rights under the CCPA; if you are in the EU/UK, under GDPR. We honor all of them.

Security

SOC 2 Type 2 audited annually. ISO 27001 certified. HIPAA & HITECH compliant. HITRUST roadmap underway. AES-256 encryption at rest, TLS 1.2+ in transit.

Contact

Questions about this policy? Email [email protected] or write to ASP-RCM Solutions, 3201 Dallas Pkwy, Suite 200, Frisco TX 75034.