Privacy Policy

Introduction

MNT Systems (‘Company,’ ‘we,’ ‘us,’ or ‘our’) is a HIPAA-compliant medical billing company committed to protecting your privacy and the security of your personal and protected health information. This Privacy Policy explains how we collect, use, disclose, and safeguard information obtained through our website (mntsystems.us) and in the course of providing our medical billing, dental billing, DME billing, revenue cycle management, professional provider credentialing, and virtual medical assistant services.

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.

HIPAA Compliance

As a business associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, including the HIPAA Privacy Rule (45 CFR Parts 160 and 164), the HIPAA Security Rule, and the HITECH Act, MNT Systems is legally required to maintain the privacy and security of Protected Health Information (PHI).

Protected Health Information (PHI)

PHI includes any individually identifiable health information that relates to:

  • The past, present, or future physical or mental health condition of an individual
  • The provision of healthcare to an individual
  • The past, present, or future payment for the provision of healthcare to an individua

Business Associate Obligations

MNT Systems operates as a Business Associate (BA) to covered healthcare entities and fulfills its obligations accordingly, including:

  • Using and disclosing PHI only as permitted or required by applicable Business Associate Agreements (BAAs)
  • Implementing appropriate administrative, physical, and technical safeguards to protect PHI
  • Reporting any breaches of unsecured PHI to the covered entity without unreasonable delay
  • Ensuring that subcontractors who handle PHI agree to the same restrictions and conditions
  • Making PHI available for inspection, amendment, and accounting of disclosures as required

Information We Collect

Personal Information

We may collect the following types of personal information from healthcare providers and their staff:

  • Name, title, and professional credentials
  • Practice name, address, and contact information
  • National Provider Identifier (NPI) numbers and Tax Identification Numbers (TIN)
  • Email address, phone number, and fax number
  • Insurance credentialing and payer enrollment information
  • Electronic Health Record (EHR) or practice management software login credentials (as authorized)

Patient Protected Health Information (PHI)

In performing billing and revenue cycle management services, we may access and process:

  • Patient names, dates of birth, and contact information
  • Patient insurance information and member ID numbers
  • Diagnosis codes (ICD-10), procedure codes (CPT), and clinical documentation
  • Explanation of Benefits (EOBs) and Electronic Remittance Advices (ERAs)
  • Claims history and payment records

Website Usage Data

When you visit our website, we may automatically collect:

  • IP address and browser type
  • Pages visited and time spent on our website
  • Referring URLs and clickstream data
  • Device type and operating system information

How We Use Your Information?

MNT Systems uses the information we collect for the following purposes:

  • Providing medical billing, dental billing, and DME billing services
  • Processing insurance claims and managing accounts receivable
  • Revenue cycle management and reporting
  • Provider credentialing and payer enrollment
  • Insurance benefit verification
  • Payment posting and reconciliation
  • Communicating with healthcare providers regarding billing matters
  • Improving our website and services
  • Complying with legal and regulatory obligations under HIPAA and other applicable laws

We do not use PHI for marketing, fundraising, or other purposes not authorized by the applicable BAA or HIPAA regulations.

Disclosure of Information

Permitted Disclosures

We may disclose protected health information and personal information only as follows:

  • To insurance payers, clearinghouses, and government programs for claims submission and reimbursement
  • To covered entities pursuant to an executed Business Associate Agreement
  • As required by law, including responses to valid legal processes such as court orders or subpoenas
  • To prevent or lessen a serious and imminent threat to the health or safety of an individual or the public
  • For oversight activities authorized by law, including audits and investigations.

Third-Party Service Providers

We may share limited information with third-party vendors who assist in delivering our services (e.g., practice management software platforms, IT service providers). These vendors are contractually required to maintain the confidentiality and security of any information they access and are prohibited from using such information for any purpose other than providing services to MNT Systems.

Mobile Information and Text Messaging Policy

  • No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.
  • All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
  • MNT Systems may use SMS/text messaging solely to communicate with clients regarding account-related matters, appointment reminders, or service notifications.
  • By providing your mobile number, you consent to receive such messages. Standard message and data rates may apply.
  • You may opt out at any time by replying STOP to any message or contacting us directly.

Data Security

MNT Systems implements comprehensive administrative, physical, and technical safeguards to protect all personal information and PHI in accordance with the HIPAA Security Rule (45 CFR Part 164, Subpart C), including:

  • Encryption of PHI in transit and at rest using industry-standard protocols (TLS 1.2+/AES-256)
  • Role-based access controls and multi-factor authentication
  • Regular risk assessments and vulnerability testing
  • Workforce training on HIPAA compliance and data security
  • Audit logs and access monitoring
  • Incident response and breach notification procedures
  • Secure disposal of PHI in accordance with NIST guidelines.

Data Retention

MNT Systems retains PHI and personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy and our Business Associate Agreements, and as required by applicable federal and state laws. Generally, billing records are retained for a minimum of six (6) years from the date of creation or the date they were last in effect, whichever is later, in accordance with HIPAA requirements. Upon contract termination, PHI is returned or destroyed in accordance with the terms of the applicable BAA.

Individual Rights Under HIPAA

Patients whose PHI we process as a Business Associate retain the following rights, which must be exercised through the covered healthcare entity:

  • Right to access and receive a copy of their PHI
  • Right to request amendments to their PHI
  • Right to an accounting of disclosures
  • Right to request restrictions on the use and disclosure of their PHI
  • Right to request confidential communications
  • Right to file a complaint with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) at www.hhs.gov/ocr

Breach Notification

In the event of a breach of unsecured PHI, MNT Systems will notify the affected covered entity without unreasonable delay and no later than sixty (60) calendar days after discovery of the breach, as required under 45 CFR ยง 164.410. The notification will include:

  • A description of the nature of the breach
  • The types of information involved
  • Steps individuals should take to protect themselves
  • Steps MNT Systems is taking to investigate and mitigate the breach

Cookies and Website Tracking

Our website may use cookies and similar tracking technologies to improve functionality and user experience. You may configure your browser to refuse cookies; however, certain features of our website may not function properly without them. We do not use website tracking technologies to collect or process PHI.

Third-Party Links

Our website may contain links to third-party websites, including practice management software platforms. MNT Systems is not responsible for the privacy practices of those third-party sites and encourages users to review those sites’ privacy policies independently.

Children’s Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately so we may take appropriate steps to remove that information.

Changes to This Privacy Policy

MNT Systems reserves the right to update or modify this Privacy Policy at any time. Any changes will be effective upon posting to our website with a revised effective date. We encourage you to review this policy periodically. Your continued use of our services after any changes constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

MNT Systems

Website: https://mntsystems.us

For HIPAA-related privacy concerns, you may also contact:

Phone Number: +1 (602) 638-3878

Email: md@mntsystems.us

Scroll to Top