Whether billing stays in-house or goes to a partner, PHI security is non-negotiable. This page documents the standards any practice should demand — use it as an evaluation checklist. It also explains how this website handles your data.
Before any billing team — internal or external — touches a patient record, these controls should be verifiably in place. Ask for evidence, not assurances.
Send these eight items to any current or prospective billing partner and ask for written evidence of each. A quality operation will answer within days without hedging. Evasive answers on items 1, 2, or 4 are disqualifying — those controls are the difference between a compliance program and a compliance promise.
This website is an educational resource. We do not collect, store, or process Protected Health Information (PHI) through this site. Please do not include patient information in any form submission.
When you download a resource or request an assessment, we collect only what the form shows: your name, work email, practice name, specialty, and optionally a phone number. That information is used to deliver what you requested and, if you opt in, to send our newsletter. It is never sold or shared with third parties for marketing. Full details are in our Privacy Policy.
The HIPAA & Offshore guide expands this checklist into a complete due-diligence framework.