Privacy Policy

At Affordable MD, we’re committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information—especially when it comes to sensitive health data. We are proud to serve clients across the U.S. and internationally and comply with major data protection regulations, including HIPAA (USA), GDPR (EU/UK), and PIPEDA (Canada).

Information We Collect

We may collect the following types of information when you interact with our services or visit our website:

Personal Information

• Name, address, email, phone number
• Employer details and job title (if applicable)

Health and Billing Information

• Protected Health Information (PHI), including patient records, insurance information, billing data, and EHR-integrated data

Technical Information

• IP address, browser type, cookies, usage data, and session analytics
• Device identifiers and geolocation (only with consent, where applicable)

Communications

• Information you provide through contact forms, email, chat, or phone
• Employer details and job title (if applicable)

How We Use Your Information

We use your information to:

• Deliver medical billing and healthcare support services
• Verify insurance eligibility and manage claims
• Manage payments and reconciliations
• Enhance and improve our platform and client support
• Ensure compliance with regulatory frameworks

Legal Basis for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA), our legal basis for collecting and using personal information includes:

• Your consent
• Fulfillment of contractual obligations
• Compliance with legal obligations
• Legitimate business interests, balanced with your privacy rights

Information Sharing

We do not sell or rent your information. We may share data with:

• Authorized personnel within Affordable MD
• Third-party service providers who support our operations (e.g., cloud hosting, payment gateways), bound by strict confidentiality agreements
• Regulatory authorities as required by law
• Law enforcement, if legally obligated

All sharing is compliant with HIPAA, GDPR, and PIPEDA frameworks.

Data Retention

We retain data only as long as necessary for the purposes described in this policy or as required by law. This includes compliance with tax, regulatory, and contractual obligations.

Security Measures

We implement technical and organizational safeguards to protect your data, including:

• End-to-end encryption
• Access control and user authentication
• Regular risk assessments and penetration testing
• Staff training on data handling and privacy

Your Rights

Depending on your location, you may have rights to:

• Access, correct, or delete your personal data
• Object to or restrict certain data processing
• Withdraw consent at any time (without affecting prior processing)
• Lodge a complaint with your local data protection authority

To exercise your rights, contact us at: [email protected]

Cookies and Tracking Technologies

We may use cookies and analytics tools to improve your website experience. You may control cookie preferences through your browser settings.

International Data Transfers

Because we serve clients across multiple jurisdictions, your data may be processed outside your country. We use safeguards such as Standard Contractual Clauses (SCCs) to protect cross- border data flows in line with GDPR and PIPEDA requirements.

Third-Party Links

Our site may contain links to third-party websites. We are not responsible for their privacy practices or content. We recommend reviewing their policies before interacting.

Changes to This Policy

We may update this Privacy Policy periodically. When we do, we’ll revise the “Last Updated” date above. Continued use of our services implies acceptance of the updated policy.

Contact Us

For questions or concerns about this policy or your data, reach out to: