Privacy Policy

I. Introduction & HIPAA Compliance

FastTrack Credentialing ("we," "us," or "our") is committed to maintaining the highest standards of data privacy and security. As a provider of healthcare administrative services, we act as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). We are dedicated to protecting the Protected Health Information (PHI) and Personally Identifiable Information (PII) entrusted to us by healthcare providers and organizations.

II. Information We Collect

To facilitate credentialing and practice operations, we collect:

• Professional Credentials: NPI numbers, Tax IDs, state licenses, DEA certificates, and board certifications.
• Personal Information: Legal names, contact information, Social Security Numbers (where required by payers), and work history.
• Practice Data: Financial records for bookkeeping, EDI/ERA transaction data, and patient scheduling information.
• Technical Data: IP addresses, browser types, and usage patterns via cookies.

III. How We Use Your Information

Data is utilized strictly for the following operational purposes:

• Credentialing & Enrollment: Submission to commercial and governmental payers (Medicare/Medicaid).
• Service Delivery: Managing EDI/ERA setups and practice bookkeeping.
• Communication: Providing status updates and regulatory alerts.
• Compliance: Meeting audit requirements and legal obligations.

IV. Data Security & Storage

We implement clinical-grade security measures, including:

• AES-256 Encryption: For all data at rest and in transit.
• Access Controls: Multi-factor authentication (MFA) and role-based access for all staff.
• Secure Servers: Hosting within SOC2-compliant data centers.

V. Third-Party Disclosures

We do not sell your data. Disclosure occurs only:

• To insurance payers and regulatory bodies for the purpose of credentialing.
• To sub-contracted service providers (e.g., secure hosting) under strict Business Associate Agreements (BAAs).
• As required by law or subpoena.