Logo
Contact Now

Privacy Policy

Effective Date: September 2, 2025

This Privacy Policy explains how RCM Express collects, uses, discloses, and protects your information. As a healthcare revenue cycle management (RCM) service provider, we are committed to maintaining the confidentiality of your Protected Health Information (PHI) in strict accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.

This policy is intended to help you understand your rights and our responsibilities when it comes to handling your sensitive data.

1. Our Commitment to Privacy

At RCM Express, we recognize that your health and billing information is deeply personal. Safeguarding this information is not only a legal requirement but also a fundamental part of our mission to serve healthcare providers and their patients with trust and integrity.

We are required by law to:

  • Protect the privacy of your PHI.
  • Provide you with this notice describing our legal duties and privacy practices.
  • Notify you in case of a breach that may compromise the security of your information.

We may revise this Privacy Policy at any time. When updates are made, the revised version will be posted on our website and made available upon request. We encourage you to review this policy periodically so you are informed about how your information is protected.

2. Information We Collect

In the course of providing healthcare revenue cycle management services, we may collect, store, and process the following categories of information:

  • Patient Demographics – Information such as your name, date of birth, address, contact details, and insurance subscriber numbers.
  • Billing and Financial Information – Health insurance details, claims history, payment information, and records necessary for reimbursement and collections.
  • Healthcare Provider Information – Details regarding physicians, hospitals, and other healthcare providers involved in your care to properly facilitate billing and claims.
  • Communication Records – Information you provide to us directly through phone calls, emails, online forms, or through our website.

We collect only the information necessary to deliver our services effectively, comply with laws, and protect the security of your data.

3. How We Use and Disclose Information

Your PHI may be used or disclosed by RCM Express in a variety of ways. Below are the main categories, along with examples of each:

Treatment

We may use or share PHI with your healthcare providers to coordinate and manage your care. For instance, we may confirm diagnoses and treatment codes with providers to ensure accurate billing.

Payment

Your PHI may be used to prepare and submit claims, obtain prior authorizations, verify insurance eligibility, and secure payment from health plans or responsible parties. For example, sharing PHI with your insurance carrier may be necessary to confirm coverage for specific medical services.

Healthcare Operations

We may use PHI for quality assurance, compliance reviews, staff training, data analysis, and audits to ensure that our services meet regulatory and ethical standards. This also includes evaluating the performance of our systems and vendors.

Business Associates

At times, we may work with trusted third-party vendors such as billing software providers, auditors, or transcription services. These entities are considered “business associates” under HIPAA and are required to sign written agreements to protect your information.

SMS Consent

  • If you provide your phone number, you consent to receive service-related text messages from RCM Express.
  • Message frequency may vary depending on the services you use.
  • Standard message and data rates may apply.
  • You may opt out at any time by replying STOP, or request assistance by replying HELP.
  • Your consent data will not be shared with third parties for marketing or promotional purposes.

4. Other Permitted Disclosures Without Authorization

In some cases, we may be required or permitted by law to disclose PHI without your prior authorization. Examples include:

  • Public Health Activities – Reporting communicable diseases, injury data, or adverse events to regulatory agencies.
  • Legal Requirements – Complying with court orders, subpoenas, or law enforcement investigations.
  • Abuse or Neglect Reporting – Disclosing information to authorities if we suspect child abuse, elder abuse, or domestic violence.
  • Workers’ Compensation – Sharing PHI as necessary to comply with workers’ compensation laws and workplace safety requirements.
  • National Security and Military Uses – Providing information to authorized officials for national security, intelligence activities, or to military authorities when applicable.
  • Regulatory Oversight – Providing PHI to government agencies conducting audits, investigations, or inspections.

These disclosures are limited to what is legally required and will be handled with the highest level of confidentiality.

5. Your Rights

You have several important rights under HIPAA regarding your health information. These include:

  • Right to Access and Copy – You may request access to your PHI and obtain copies, including electronic copies, subject to certain legal restrictions.
  • Right to Request Restrictions – You may request limitations on how we use or disclose your PHI. While we are not obligated to agree in all cases, if we do, we will honor your request unless emergency care is needed.
  • Right to Confidential Communications – You may request to be contacted through alternative means (e.g., mailing statements to a different address or contacting you via email).
  • Right to Amend Records – If you believe your records are incorrect or incomplete, you may request an amendment. If we deny your request, you may submit a statement of disagreement.
  • Right to Accounting of Disclosures – You may request a list of certain disclosures of your PHI made by us over the last six years (excluding those made for treatment, payment, or operations).
  • Right to Paper Copy – Even if you agreed to receive this notice electronically, you are entitled to a paper copy upon request.
  • Right to Be Notified of Breach – You will be notified promptly if a breach occurs that may compromise the privacy or security of your PHI.

6. Data Security

We employ administrative, technical, and physical safeguards to protect your PHI. This includes secure servers, encryption, restricted access protocols, employee training, and compliance monitoring. While no system can guarantee absolute security, we continuously update our practices to align with industry standards and regulations.

7. Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services (HHS). Filing a complaint will not result in retaliation from RCM Express.

To file a complaint or obtain more information, contact:

Privacy Officer – RCM Express
Email: info@rcmexpress.com
Phone: +1 (832) 266-0227

You also have the right to file a complaint directly with the Secretary of Health and Human Services. Instructions for filing are available on the HHS website.

8. Contact Us

For any questions about this Privacy Policy, our privacy practices, or your rights, please contact our Privacy Officer at the address or phone number listed above.