Website Privacy Policy

Last Updated: December 6, 2024

1. Introduction

This Privacy Policy describes how Lexmata LLC ("we," "us," "our," or "Lexmata") collects, uses, maintains, and discloses information collected from users ("you" or "user") of our website and services. This policy has been developed in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other applicable privacy laws.

2. Protected Health Information (PHI)

2.1 Definition

Protected Health Information (PHI) includes any individually identifiable health information that Lexmata LLC maintains or transmits in any form or medium, whether electronic, written, or oral.

2.2 Collection of PHI

Lexmata LLC collects PHI through secure forms, email communications, and other electronic methods when:

  • You create or access your account
  • You submit healthcare-related information through our platforms
  • You interact with our services
  • You communicate with our support team
  • You upload or share medical documentation

3. Use and Disclosure of Information

3.1 Primary Uses

We use and disclose PHI for:

  • Providing our services and features
  • Processing and completing transactions
  • Healthcare operations and administrative purposes
  • Quality assessment and improvement activities
  • Technical support and customer service
  • Compliance with legal and regulatory requirements

3.2 Other Permitted Uses

Lexmata LLC may use or disclose your PHI without authorization for:

  • Required legal compliance and law enforcement
  • Public health activities and reporting
  • Health oversight activities
  • Response to court orders and subpoenas
  • Emergency situations
  • Research purposes (with appropriate safeguards and approvals)

4. Security Measures

4.1 Technical Safeguards

Lexmata LLC implements robust technical safeguards including:

  • End-to-end encryption for data transmission
  • Advanced encryption for stored data
  • Secure socket layer (SSL) technology
  • Enterprise-grade firewalls and intrusion detection
  • Multi-factor authentication
  • Regular security assessments and penetration testing
  • Automated security monitoring and alerts

4.2 Administrative Safeguards

We maintain comprehensive administrative safeguards including:

  • Regular employee privacy and security training
  • Strict access controls and user authentication
  • Detailed policies for PHI handling and security
  • Business Associate Agreements with vendors and partners
  • Incident response and breach notification procedures
  • Regular compliance audits and assessments
  • Documentation of security practices and procedures

5. Your Rights

Under HIPAA, you have the right to:

  • Access and obtain copies of your PHI
  • Request amendments to your PHI
  • Receive an accounting of PHI disclosures
  • Request restrictions on PHI use and disclosure
  • Receive confidential communications
  • File a complaint about privacy violations
  • Receive notification of privacy breaches
  • Opt-out of certain data sharing practices

6. Website Analytics and Tracking

6.1 Cookies and Similar Technologies

We use cookies and similar tracking technologies to:

  • Improve website functionality and performance
  • Analyze usage patterns and trends
  • Enhance user experience
  • Maintain security measures
  • Remember user preferences

6.2 Third-Party Services

We may use third-party services that collect, monitor, and analyze website usage. These services follow their own privacy policies and may collect non-PHI data.

7. Data Retention and Disposal

7.1 Retention Period

Lexmata LLC retains PHI for:

  • The period required by law
  • The duration necessary to fulfill the purposes outlined in this policy
  • As long as necessary to comply with our legal obligations

7.2 Secure Disposal

When disposing of PHI, we:

  • Use secure deletion methods for electronic data
  • Shred or destroy physical documents
  • Maintain disposal logs and records
  • Verify complete removal of data

8. Contact Information

For privacy-related questions or concerns, contact:

Privacy Officer
Lexmata LLC
1800 JFK Blvd.
Suite 1525
Philadelphia, PA 19103

Email: privacy@lexmata.com

9. Changes to This Policy

Lexmata LLC reserves the right to update this privacy policy at any time. We will notify users of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our platform

10. Effective Date

This policy is effective as of December 6, 2024, and will remain in effect except with respect to any changes in its provisions in the future.

By using Lexmata LLC's services, you acknowledge that you have read and understand this Privacy Policy and agree to its terms.