Privacy Policy

  1. Introduction

    This Privacy Policy (“Privacy Policy”) explains how, AGS Health (may also be referred to , in this policy, as “we”, “us”) will access, use, disclose, collect, capture and how, AGS Health intends to safeguard any personal information that may be captured, accessed, used, directly or indirectly, to identify any third party (may also be referred to as “you”), when you visit https://www.agshealth.com/ ("Site") or interact with us offline or provide access to such information. Please read this Privacy Policy carefully. By accessing the Site and/or by providing access to us, you consent to the collection, use and disclosure of your/your patient personal information (“Personal Information”) as described in this Privacy Policy. If you do not agree with any portion of this Privacy Policy, you should not use this Site.

  2. Scope

    This Privacy Policy applies to the Personal Information that we access, capture, collect or receive about you or your patients when we act as the processor/controller for such information. Generally, we collect or receive Personal Information about individual contacts of our customers or other third parties with whom we do business or individuals who apply for a job with AGS.

    AGS Health’s services may also be used by businesses that are our customers, including healthcare providers, health plans, or other covered entities under the Health Insurance Portability and Accountability Act ("HIPAA"). In such cases, AGS Health acts as a processor, service provider, or business associate (as defined by HIPAA) on behalf of our customers using AGS Health services, and the HIPAA Business Associate Privacy Policy included at the end of this document will apply to your or your patients Personal Information collected/captured/used/disclosed/accessed in those contexts. AGS Health takes its role as a business associate seriously and has implemented appropriate policies and procedures to protect protected health information in accordance with HIPAA’s requirements for business associates.

    This Privacy Policy also provides additional information required under California law about our collection, use and disclosure of the information of California residents, along with other required information such as rights that may be available to California residents.

  3. Information Collection

    The types of Personal Information we collect about you depends on how you interact with us. Depending on the services you use, the following are the categories and specific types of Personal Information that we may collect, or have collected in the preceding twelve months, from or about you:

    • Contact Information/Identifiers, including name, email address, postal address, phone number, username, business contact information, or other similar identifiers and account information.
    • Information Specific to the Services, in certain instances, such as invoices, business and commercial communications, order status, and order history.
    • Browser and device data, including your device type, operating system and version, IP address, and general geographic location as indicated by your IP address.
    • Usage data, such as the time you spend on the Site, the content you view and features you access, the pages that referred you to our Site, how you interact with content, and entered search terms, as well as Personal Information that you make available to us via social media.
    • Payment Information, including credit or debit card number, or other financial information that you provided in connection with a transaction.
    • Professional or Employment-Related Information, such as your job title, company you work for, your prior work history, work referral information, and other such professional or employment-related information.
    • Education Information, such as your education history, credentials and other qualifications.
    • Pre-employment Screening, if we offer you a job, we may collect additional background information such as credit history and eligibility information (as permitted by law).
    • Sensitive Personal Information, in limited circumstances, such as data revealing racial or ethnic origin, health or medical data, sexual orientation, citizenship or immigration status, and military or veteran status.
    • Inferences, inferences drawn from or created based on any of the information you provide us.

    Providing your Personal Information is voluntary. However, in some instances, we may be unable to process your request for our services without the requested Personal Information.

    Where we aggregate or deidentify your Personal Information, such data is generally not considered Personal Information under applicable law and therefore we may use or disclose it for any lawful purpose. We will not attempt to reidentify aggregated or deidentified information about you, except that we may do so to test whether our deidentification procedures comply with applicable law.

  4. Sources of Your Personal Information

    We collect your Personal Information in the following ways, pursuant to applicable law:

    • Directly From You, such as when you use our services, provide information to us through the “Contact Us” webform, or otherwise reach out to us.
    • Other Sources, including vendors, background check providers, references, affiliates, and through tracking technologies. To learn more about our use of cookies and similar tracking technologies, please review the "Cookies and Other Tracking Technologies" section below.
  5. Uses of Your Personal Information

    We use your Personal Information to communicate with you relative to the services requested from us or to conduct other general business and commercial purposes (“Business Purposes”). We may collect your Personal Information for the following Business Purposes:

    • To provide you the services or communicate with you about our revenue cycle management solutions.
    • To enable you to access and use our Site.
    • To consider and administer your candidacy for employment.
    • To communicate with you and to respond to your requests, questions, comments, and other inquiries.
    • To understand what partner resources you use, if any, and to connect you to additional resources at your request.
    • To offer you personalized advertisements, which you may be able to opt-out of as explained in the Your Rights" section.
    • To offer you personalized advertisements and marketing and promotional materials, including information relating to our products, services, sales, or promotions, or those of a third party. You may be able to opt-out of these offers as explained in the "Your Rights" section.
    • To administer, maintain, evaluate, and improve our Site and services, and to develop new products and services.
    • To conduct research and analytics related to our Site and services.
    • To manage our business operations, perform our obligations and exercise our rights under any agreement that you or your organization has with us.
    • To comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim.
    • To detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions, attempts to manipulate or violate our policies, procedures, and terms and conditions, security incidents, and harm to the rights, property, or safety of AGS Health and our users, customers, employees, or others.
    • For other purposes with your consent, or as otherwise permitted or required by applicable law.
  6. Disclosure of Your Personal Information

    Other than as provided in this Privacy Policy, we do not share your Personal Information with unaffiliated third parties for their own marketing purposes, unless we have your consent or are required by law. We do not sell, rent or lease customer information to third parties.

    Generally, we may disclose your Personal Information to communicate with customers, operate our business, advertise or promote our services, or with your consent. In the past twelve months, we may have disclosed your Personal Information in the following ways:

    • Service Providers. We may disclose Personal Information to authorized third parties who perform services for us (including cloud services, data storage, sales, human resources, and marketing), such as Google Analytics. These third-party service providers are prohibited from using your Personal Information except to provide such services to AGS Health, and they are required to maintain the confidentiality of your Personal Information.
    • Affiliated Companies. We may disclose such Personal Information with subsidiaries, affiliates, or strategic partners as needed to provide our products and services and generally as necessary in the administration of a global organization.
    • Corporate Transaction. We may disclose your Personal Information in connection with, or during negotiations of a proposed or actual corporate merger, acquisition, consolidation, sale of assets, bankruptcy, insolvency or other corporate change. Such recipient will be bound by terms and conditions reasonably similar to those set out in this Privacy Policy.
    • Other Parties. We may disclose your Personal Information to legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws, or in relation to a legal activity, such as in response to a subpoena or an investigation of suspected illicit activity. We may also disclose such Personal Information if we believe disclosure is necessary to prevent physical, financial, or other harm, injury, or loss.
    • Deidentified Personal Information. We may disclose or use aggregated or de-identified data for any lawful purpose. Deidentified information is generally not considered to be Personal Information under applicable laws.
    • Additional Disclosures. From time to time, we disclose your Personal Information to our attorneys, banks, auditors, securities brokers and other professional service providers and advisors in connection with the purposes described above.
    • Other Disclosures With Your Consent. We may disclose your Personal Information with your consent to other unaffiliated third parties who are not described elsewhere in this Privacy Policy.

    We may disclose your Personal Information, without notice, if required to do so by law or in the good faith belief that such action is necessary.

  7. Cookies and Other Tracking Technologies

    Every time you come to our Site, our Site’s web server automatically collects information, including, in some instances, Personal Information, through cookies, web beacons, and other similar tracking technologies (collectively “cookies”). Cookies are small text files that are placed on your computer or mobile device when you visit a website. Cookies help a website remember information about your visit, which can make it easier to visit that website again and make that website more useful to you. Some cookies are deleted once you close your browser (session cookies), while other cookies are retained even after you close your browser so that you can be recognized when you return to a website (persistent cookies). More information about cookies and how they work is available at www.allaboutcookies.org.

    Cookies on our Site are generally divided into the following categories:

    Cookie Type Description
    Essential Cookies These are cookies that our Site needs in order to function and that enable you to move around and use the Site and features. Without these essential cookies, the Site will not perform as smoothly, and we may not be able to provide the Site or certain services or features you request. Examples of where these cookies are used include: to determine when your session has been inactive, and for other troubleshooting and security purposes.
    Analytics and Performance Cookies Analytics and performance cookies, including Google Analytics, provide us with information regarding how visitors navigate and interact with our Site. Such cookies allow us to understand, for example, more about how many visitors we have to our Site, how many times they visit us and how many times a user viewed specific pages within our Site. For more information about Google Analytics, please refer to “How Google Uses Information From Sites or Apps that Use Our Services,” which can be found at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time.
    Advertising Cookies Advertising cookies may be placed on the Site by us or third parties to enable third party ad networks to recognize a unique cookie on your computer. The information that is collected and shared by these types of cookies may also be linked to the device identifier of the device you are using to allow us to keep track of all the websites you have visited that are associated with the ad network. This information may be used for the purpose of targeting advertisements on our Site and third-party websites based on those interests.

    Most browsers are set to accept cookies by default. You can remove or reject cookies but be aware that such action could affect the availability and functionality of the Sites. You should be aware that getting a new computer, installing a new browser, upgrading an existing browser, or erasing or otherwise altering your browser’s cookies files may also clear certain opt-out cookies, plug-ins, or settings.

  8. Opt-out Preference Signal (Do Not Track)

    AGS Health does not currently recognize Do Not Track signals.

  9. Third-Party Website

    The Site may contain links to third-party websites and applications—such as advertisements and external services—that are not affiliated with us. Once you leave our Site through one of these links, any Personal Information you provide to those third parties will not be covered by this Privacy Policy, and we cannot guarantee its security or privacy. We encourage you to review the privacy policies and practices of any third party before sharing your Personal Information. We are not responsible for the content or the privacy and security practices of any third parties, including websites, services, or applications linked to or from our Site.

  10. Your Rights

    In some jurisdictions, applicable law may entitle you to certain rights regarding your Personal Information. The rights available to you depend on our reason for processing your Personal Information and the requirements of applicable law (i.e., your rights will vary depending on whether you are located in; for example, if you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act provides you with specific rights regarding your Personal Information). Specifically, you may have the following rights:

    • Right to access: You may have the right to obtain from us confirmation as to whether Personal Information concerning you is being processed, and, where that is the case, to request access to the Personal Information.
    • Right to data portability: You may have the right to request that we transfer the Personal Information we have collected about you to another organization, or directly to you, in a structured, commonly used, and machine-readable format, under certain conditions.
    • Right to correct inaccurate information: You may have the right to request that we correct any Personal Information about you that is inaccurate.
    • Right to deletion: You may have the right to request that we delete your Personal Information, under certain conditions.
    • Right to know what Personal Information is sold or shared and to whom, and right to prohibit the sale or sharing of Personal Information: We do not and have not in the preceding twelve months, sold your Personal Information. However, we have shared (in this context, share means use of your Personal Information for cross-contextual behavioral advertising) your Personal Information. You may opt-out of the sharing of your Personal Information by updating your cookie preferences through the Site.
    • Right to limit the processing of your Sensitive Personal Information: We do not disclose Sensitive Personal Information for purposes other than those which cannot be limited under applicable laws including California laws.
    • Right to withdraw consent: Where we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time with future effect. Such a withdraal will not affect the lawfulness of the processing prior to the consent withdrawal.
    • Right of non-discrimination/retaliation: We do not discriminate against individuals who exercise any of their rights described in this Privacy Policy, nor do we retaliate against individuals who exercise these rights.

    Please note that many of the above rights are subject to exceptions and limitations. Your rights and our responses will vary based on the circumstances of the request. If you choose to assert any of these rights under applicable law, we will respond within the time period prescribed by such law.

    To exercise your rights, please contact us as stated in the Contact Information section of this Privacy Policy.

    If you are located in the State of California in the United States, a person authorized to act on your behalf may make a verifiable request related to your Personal Information. If you designate an authorized person to submit requests to exercise certain privacy rights on your behalf, we will require verification that you provided the authorized agent permission to make a request on your behalf.

    In any circumstances, your request must: (i) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Information or an authorized representative of that person; and (ii) describe the request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

  11. Retention of Your Personal Information

    We keep your Personal Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required or permitted by applicable law.

  12. Information Safety

    We are committed to protecting your privacy and security. We have implemented a range of technical and organizational measures designed to protect your Personal Information from unauthorized access. However, please be aware that no security measures are entirely infallible, and we cannot guarantee the absolute security of your Personal Information.

  13. Children’s Privacy

    AGS Health does not knowingly collect any Personal Information from children under the age of 13. Users under the age of 13 should not submit any Personal Information to us. If you believe we have collected Personal Information from your child in error or have questions or concerns about our practices relating to children, please notify us using the details in the Contact Information section below. We will take prompt steps to remove the Personal Information from our systems.

  14. Privacy Policy Changes

    AGS Health reserves the right to change this Privacy Policy at any time. Whenever we update this Privacy Policy, we will post the latest version on this Site and update the version date at the bottom of the page. To the extent required by applicable law, we will notify you of any material changes to this Privacy Policy. We encourage you to periodically review this Privacy Policy so that you will be aware of our updated privacy practices.

    Your continued use of the Site after these modifications will constitute your: (a) acknowledgement of the modified Privacy Policy; and (b) agreement to abide and be bound by that Privacy Policy.

  15. HIPAA Business Associate Privacy Policy

    AGS Health, LLC ("AGS Health") shares a commitment with our Covered Entity customers to protect the security and privacy of Protected Health Information (“PHI”) that we obtain subject to the terms of our service agreements and Business Associate Agreements.

    This Policy is provided to help you better understand how AGS Health captures, uses, discloses, and protects PHI in accordance with the terms of Business Associate Agreements and the Health Insurance Portability and Accountability Act (HIPAA) of 1996, as amended, including without limitation the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 (collectively referred to herein as "HIPAA").

    Definitions

    • Covered Entity: A Covered Entity is a health plan, healthcare provider or healthcare clearinghouse subject to the HIPAA Privacy or Security Rules. Our customers act as the Covered Entity in their interactions with us.
    • Business Associate: A Business Associate is a person or entity who performs functions or activities for, or provides services on behalf of, a Covered Entity that involve the use or disclosure of PHI. AGS Health acts as a Business Associate for its Covered Entity customers. To the extent we utilize service providers to provide services that involve the use or access of PHI of our customers, these service providers act as our downstream Business Associates.
    • Business Associate Agreement: A Business Associate Agreement is a formal written agreement required by HIPAA between AGS Health and its Covered Entity customers, and/or between AGS Health and its Business Associate subcontractors, that requires AGS Health and its Business Associate subcontractors to comply with specific protections afforded to the security and privacy of PHI under HIPAA.
    • Protected Health Information (“PHI”): PHI includes all individually identifiable health information that is transmitted or maintained in any form or medium by a Covered Entity. Individually identifiable information is any information that can be used to identify an individual that was created, used, or disclosed in the course of providing a healthcare service such as diagnosis or treatment, or in relation to the payment for the provision of healthcare services.

    Use and Disclosure of PHI

    Generally, we may only use or access PHI to provide services to our Covered Entity customers as further specified in our Business Associate Agreement and other agreements with our Covered Entity customers, if such use or disclosure of PHI is also permitted or required by HIPAA. We may also use PHI for our management, administration, data aggregation purposes, and legal obligations to the extent that such use of PHI is permitted or required by the Business Associate Agreement and not prohibited by law. Where permitted by our Business Associate Agreement, we may also de-identify PHI in accordance with HIPAA and any such de-identified information is no longer subject to HIPAA.

    In the event that PHI is disclosed to a subcontractor or agent, we will impose a Business Associate Agreement on such subcontractor or agent to obligate such party to abide by the same restrictions and conditions that apply to us under the Business Associate Agreement with respect to PHI, including the implementation of reasonable and appropriate safeguards.

    We may also use PHI to report violations of law to appropriate federal and state authorities and for other purposes in accordance with and to the extent permitted by HIPAA and our Business Associate Agreement.

    Safeguards

    We have established and maintain appropriate safeguards to prevent the use or disclosure of PHI other than as provided for by our services agreements, our Business Associate Agreements, and HIPAA. These safeguards include administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI that we access, receive, process, maintain, and/or transmit on behalf of our Covered Entity customers.

    Examples of such safeguards include but are not limited to:

    • Maintaining HIPAA security policies and procedures to prevent unauthorized access, modification, or destruction of PHI, including but not limited to risk management, incident management, physical security, and IT security.
    • Providing regular employee training to ensure compliance with policies and procedures. The training covers HIPAA requirements (including breach reporting) as well as social engineering techniques like as phishing, vishing, and others.
    • Maintaining unique user IDs, providing role-based access to PHI, and reviewing user access on a regular basis.
    • Maintaining access revocation procedures to prevent unauthorized access after separation.
    • Obtaining annual affirmation of HIPAA security policies and procedures from employees.
    • Maintaining backup, business continuity, and disaster recovery procedures to manage disruptions.
    • Limiting physical access to PHI processing facilities and ensuring background checks are complete.
    • Maintaining security measures on workstations, including automatic screen locking for inactive sessions, scheduled file deletion logoff scripts, strong passwords, disabled removable media access, disabled screenshot and video capturing options, hardened systems, installed antimalware and patch management software, and limited email and internet access.
    • Utilizing encryption solutions to protect PHI from unauthorized access during transfer and at-rest.
    • Periodic security assessments and contingency tests are performed.

    Incident Response

    We have established policies and procedures for reporting breaches of unsecured PHI to the Covered Entity without unreasonable delay and no later than 60 days after discovery.

    Mitigation of Harm

    In the event of a use or disclosure of PHI that is in violation of the requirements of a Business Associate Agreement or HIPAA, we will take steps to mitigate any known, harmful effect resulting from the violation to the extent practicable.

    Such measures will include:

    • Reporting any use or disclosure of PHI not provided for the Business Associate Agreement, and any security incident of data breach that we become aware of, to the Covered Entity; and
    • Documenting such disclosures of PHI and information related to such disclosures as would be required for a Covered Entity to respond to a request for an accounting of disclosures of PHI in accordance with HIPAA.

    Access to PHI

    As provided in the Business Associate Agreement, we will make available to our Covered Entity customers that information necessary for the Covered Entity to provide individuals with their rights of access, amendment, and accounting of disclosures in accordance with HIPAA.

    Upon request from such Covered Entity, we will make our internal practices, books, and records available to the Covered Entity or the Secretary of the U.S. Department of Health and Human Services for the purposes of determining compliance with the terms of the Business Associate Agreement and HIPAA regulations.

    Retention of PHI

    We will generally maintain documentation required by HIPAA (e.g., policies and procedures, training records) for six years and/or as otherwise mandated by our Business Associate Agreements and HIPAA.

    Review and Revision

    This policy will be reviewed on a regular basis and updated as necessary to ensure continued compliance with HIPAA.

  16. Contact Information

    AGS Health welcomes your questions or comments regarding this Privacy Policy and our privacy practices. Please contact us using one of the methods below to submit any such inquiries, or to request to exercise any of your rights:

    E-mail: info@agshealth.com
    Address: 1015 18th St. NW Suite #1101 Washington DC, 20036
    Last update: April 22, 2025