Privacy Policy - Medical Collection Group, LLC

Medical Collection Group, LLC ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

Register for an account on our website
Request our services
Contact us with inquiries or feedback
Subscribe to our communications

This information may include:

Name and contact information (email address, phone number, mailing address)
Company or facility name
Account credentials
Payment information

Automatically Collected Information

When you access our website, we may automatically collect certain information, including:

IP address and browser type
Device information
Pages visited and time spent on our website
Referring website addresses

How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain our services
Process and fulfill your service requests
Communicate with you about your account and our services
Send administrative information, updates, and security alerts
Respond to your inquiries and provide customer support
Improve our website and services
Comply with legal obligations
Protect against fraudulent or unauthorized activity

How We Share Your Information

We may share your information in the following circumstances:

Service Providers: With third-party vendors who perform services on our behalf (e.g., email delivery, hosting services)
Legal Requirements: When required by law or to respond to legal process
Protection of Rights: To protect our rights, privacy, safety, or property, or that of our users or others
Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

Encryption of data in transit and at rest
Secure authentication procedures including multi-factor authentication
Regular security assessments and updates
Access controls and employee training

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:

Contact form submissions: 24 months from the date of submission, after which personal data is purged
Client account data: For the duration of the business relationship plus 7 years as required by applicable law
Service records: 7 years from the date of service completion, in accordance with healthcare industry record-keeping requirements
Website analytics data: 26 months (anonymized/aggregated)

When retention periods expire, personal data is securely deleted or anonymized. You may request early deletion of your data by contacting us (see below), subject to any legal obligations that require us to retain certain records.

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access: Request access to your personal information
Correction: Request correction of inaccurate information
Deletion: Request deletion of your personal information
Opt-out: Opt out of certain communications

To exercise these rights, please contact us using the information provided below.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

HIPAA Compliance

Medical Collection Group, LLC provides due diligence, research, and verification services to healthcare facilities. In the course of providing these services, we may receive, create, or maintain Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

We are committed to maintaining the privacy and security of PHI in accordance with HIPAA and applicable state laws. Our safeguards include:

Administrative, physical, and technical safeguards as required by the HIPAA Security Rule
Business Associate Agreements (BAAs) with all applicable vendors and service providers
Workforce training on HIPAA privacy and security requirements
Regular risk assessments to identify and address potential vulnerabilities
Access controls that limit PHI access to authorized personnel on a need-to-know basis
Audit logging of access to systems containing PHI
Encryption of PHI in transit and at rest

We do not use or disclose PHI except as permitted or required by our Business Associate Agreements with covered entities, HIPAA, and applicable law.

Breach Notification

In the event of a breach of unsecured PHI, we will notify affected covered entities without unreasonable delay and no later than 60 days following the discovery of the breach, in accordance with the HIPAA Breach Notification Rule (45 CFR §§ 164.400-414). Our breach notification will include:

A description of the breach and the types of information involved
Steps individuals should take to protect themselves
A description of our investigation and mitigation efforts
Contact information for further inquiries

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Medical Collection Group, LLC
PO Box 49094
Tampa, FL 33646
Phone: 1-800-319-7811
Email: administration@medicalcollections.com