Privacy Policy

Last Updated: March 20, 2026 | Effective: March 20, 2026

Meridian Billing Services LLC ("Meridian," "we," "us," or "our") operates the MICRA-BEV platform and related services accessible at psybilling.com and meridianbilling.com. This Privacy Policy describes how we collect, use, disclose, and protect your information when you use our services.

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, phone number, organization name, and business address.

Protected Health Information (PHI): In the course of providing insurance verification services, we process insurance card images, member identification numbers, subscriber details, and benefit information. This information is handled in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and applicable state regulations.

Usage Data: We collect information about how you interact with our services, including API requests, login timestamps, IP addresses, and feature usage metrics.

Communications: When you contact us or receive system notifications (including SMS messages), we retain records of those communications.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our insurance verification services
Process insurance card images and verify eligibility and benefits
Authenticate your identity and secure your account
Send transactional communications including password reset codes, account notifications, and service alerts via email and SMS
Monitor usage for billing, rate limiting, and fraud prevention
Comply with legal obligations, including HIPAA requirements
Improve our AI models and service accuracy (only with explicit opt-in consent and using de-identified data)

3. SMS Communications

We may send SMS messages to the phone number associated with your account for the following purposes:

Password reset verification codes
Account security notifications

Message frequency varies based on your account activity; typically 1-5 messages per month. Message and data rates may apply depending on your mobile carrier plan. You may opt out of SMS communications at any time by replying STOP to any message. Reply HELP for assistance. SMS messages are sent from +1 (607) 524-9461.

Your mobile phone number is never sold, rented, or shared with third parties for marketing or promotional purposes. Phone numbers are used exclusively for delivering transactional account security notifications via the MICRA-BEV platform. SMS delivery is facilitated by Twilio under contractual data protection obligations.

We do not send marketing messages via SMS. All SMS communications are transactional and initiated by user actions. For complete SMS consent details, visit our SMS Terms & Consent page.

4. HIPAA Compliance

Meridian Billing Services LLC is a Business Associate under HIPAA. We maintain administrative, physical, and technical safeguards to protect PHI, including:

Encryption of data in transit (TLS 1.3) and at rest (AES-256)
Role-based access controls with per-organization data isolation
Comprehensive audit logging of all data access and modifications
Business Associate Agreements (BAAs) with all covered entity clients
Regular security assessments and workforce training

We do not store PHI in application logs. Insurance card images are retained according to per-organization retention policies and are purged according to the configured schedule.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

Clearinghouse Partners: We transmit eligibility inquiry data to Availity and CLAIM.MD to process EDI 270/271 transactions on your behalf. These transmissions are limited to the minimum necessary information for eligibility verification.
Service Providers: We use third-party service providers (e.g., Twilio for SMS delivery) who process data on our behalf under contractual data protection obligations.
Legal Requirements: We may disclose information when required by law, subpoena, or government request, or to protect our rights, safety, or property.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

6. Data Security

We implement industry-standard security measures to protect your information, including encrypted data storage, secure API authentication (JWT bearer tokens), rate limiting, IP whitelisting capabilities, and encrypted clearinghouse credentials (AES-256-CBC). Despite these measures, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Data Retention

We retain account information for as long as your account is active or as needed to provide services. Insurance card images and verification data are retained according to your organization's configured retention policy (default: 7 years for HIPAA compliance). You may request deletion of your account and associated data by contacting us.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal information we hold about you
Request correction of inaccurate information
Request deletion of your personal information
Opt out of SMS communications by replying STOP
Request a copy of your data in a portable format

To exercise these rights, contact us at the address below.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 18, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Meridian Billing Services LLC
PO Box 990001
Boston, MA 02199-0001
Email: admin@psybilling.com