Privacy Policy

Eaze Billing is a healthcare outsourcing and offshoring consulting firm operating in the United States. We provide services including healthcare revenue cycle management, BPO and staff augmentation, digital marketing, technology and software development, and strategic consulting to healthcare providers, primarily in Florida and across the US.

We are the data controller for personal information collected through our website and business operations. We are also a Business Associate under HIPAA for any protected health information we handle on behalf of our healthcare clients.

When you fill out our contact form, request a consultation, or communicate with us by email or phone, we may collect:

• Your full name
• Your email address
• Your phone number
• The name of your practice or organization
• Your job title or role
• The type of healthcare organization you represent
• Information about your service needs or business challenges

When you visit our website, we automatically collect certain technical information through cookies and similar technologies:

• Your IP address
• Browser type and version
• Operating system
• Pages visited and time spent on each page
• Referring website or search engine
• Date and time of your visit
• Device type (desktop, mobile, or tablet)

This information is collected using cookies, web beacons, and analytics tools. See our Cookie Policy for full details.

We use the personal information we collect for the following purposes:

• To respond to your inquiries and schedule consultations
• To provide and manage the services you have contracted with us
• To send you information about our services that we believe may be relevant to your practice
• To improve our website, services, and customer experience
• To comply with legal obligations under HIPAA, FIPA, and other applicable law
• To detect and prevent fraud, unauthorized access, or other harmful activity
• To send you service updates, billing information, and other communications related to your account

We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects without your consent.

We process your personal information on the following legal grounds:

• Contract performance:  Processing necessary to provide the services you have requested or to take steps before entering into a contract with you.
• Legal obligation:  Processing required to comply with HIPAA, FIPA, federal healthcare regulations, and other applicable US and Florida law.
• Legitimate interests:  Processing necessary for our legitimate business interests, such as improving our services and communicating with prospective clients, provided those interests are not overridden by your rights.
• Consent:  Where we rely on your consent, you have the right to withdraw it at any time by contacting us at info@workwitheaze.com.

We do not sell your personal information. We do not share your personal information with third parties for their own marketing purposes. We may share your information in the following limited circumstances:

We work with trusted third-party service providers who help us operate our business. These include website hosting providers, email platforms, CRM systems, and analytics tools. These providers are authorized to use your information only as necessary to provide services to us and are contractually required to protect your data.

If you are a patient or representative of a patient, and Eaze Billing handles your PHI as a Business Associate for a healthcare provider, we process that information only as directed by the Covered Entity and as permitted under our BAA and HIPAA.

We may disclose your information when required by law, including in response to a court order, subpoena, government investigation, or to report a data breach as required under FIPA or HIPAA breach notification rules.

If Eaze Billing is involved in a merger, acquisition, or sale of all or part of its assets, your information may be transferred as part of that transaction. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.

We retain your personal information for as long as necessary to fulfill the purposes described in this policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

When PHI is involved, we follow the retention and destruction requirements of HIPAA and our BAA with each client.

We use appropriate technical and organizational security measures to protect your personal information against unauthorized access, loss, destruction, or alteration. These measures include:

• Encryption of data in transit using TLS 1.2 or higher
• Encrypted storage for sensitive data at rest
• Role-based access controls so only authorized team members can access your information
• Regular security assessments and vulnerability reviews
• Staff training on data security and privacy obligations

No method of electronic transmission or storage is 100 percent secure. If we become aware of a security breach that affects your personal information, we will notify you as required by FIPA (within 30 days of determining that a breach has occurred) and HIPAA (within 60 days for PHI breaches).

Florida residents have specific rights under the Florida Information Protection Act (FIPA), Florida Statutes Section 501.171, and other applicable Florida law. These rights include:

• The right to know what personal information we hold about you
• The right to request correction of inaccurate personal information
• The right to request deletion of your personal information, subject to our legal retention obligations
• The right to receive notice of a data breach affecting your personal information within 30 days
• The right to opt out of the sale of your personal information (note: we do not sell personal information)

To exercise any of these rights, please contact us at info@workwitheaze.com. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information promptly. If you believe we may have collected information from a child under 13, please contact us immediately at info@workwitheaze.com.

Our website may contain links to third-party websites, including healthcare software vendors, industry organizations, and other resources. We are not responsible for the privacy practices of those websites. We encourage you to read the privacy policy of every website you visit. The inclusion of a link on our site does not imply our endorsement of that website or its privacy practices.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email or by a prominent notice on our website. We encourage you to review this policy periodically.