HIPAA & Compliance Notice
Aveniq Medical Partners values privacy and confidentiality. This notice explains how we approach HIPAA-conscious, privacy-aware, and compliance-focused practices in our work with U.S. healthcare practices, and the data-safety boundary for our public AI-assisted billing audit.
Last updated: June 2026
No HIPAA certification claim
There is no formal HIPAA certification for vendors, and we do not claim to be 'HIPAA certified.' We describe our approach as HIPAA-conscious, privacy-aware, and compliance-focused — appropriate for a business associate working with U.S. healthcare practices.
Public website is for general inquiries only
Our public website forms and chatbot are intended exclusively for general business inquiries — such as requesting a consultation, asking about services, or scheduling an audit conversation. They are not a secure channel for patient or clinical data.
AI-assisted billing audit — de-identified data only (MVP)
Our AI-assisted billing audit, instant report, file uploads, intake, and AI-generated full audit reports are intended for de-identified billing and operational data only. Do not upload or paste patient names, dates of birth, medical record numbers (MRN), claim numbers, insurance IDs, member IDs, Social Security numbers, clinical notes, or unredacted EOBs/ERAs. Aggregate and summary-level revenue, denial, AR, and payer-mix data are appropriate.
AI-generated reports are preliminary
AI-generated full audit reports are preliminary, draft outputs based on the information you provide. They are not a final, expert-reviewed deliverable and should not be relied on for clinical, coding, billing, or legal decisions without expert review.
Expert-reviewed reports require Aveniq approval
Only reports explicitly reviewed and approved by an Aveniq specialist are designated as 'expert-reviewed.' Drafts, AI workspace outputs, and unapproved versions are internal and are not shared with clients.
PHI-enabled workflows require a separate process
Any engagement that requires handling Protected Health Information (PHI) — including patient-level data, identified claims, or clinical records — requires a separate onboarding process, a written Business Associate Agreement (BAA), secure data exchange channels, and additional administrative, physical, and technical safeguards. PHI workflows are not enabled on our public website or instant audit.
No guaranteed recovery or outcome claims
We do not guarantee specific revenue recovery, denial reduction percentages, payer approval timelines, or other outcomes. Our reports describe observations and opportunities; actual results depend on payer behavior, practice workflows, and implementation.
Do not submit PHI through this website
Please do not submit Protected Health Information (PHI), patient-specific claim data, diagnosis information, insurance IDs, member IDs, medical records, EOBs containing patient detail, or any other sensitive patient-identifying information through our website forms, chatbot, file uploads, or general email.
Secure channels and formal agreements
Secure communication channels and formal agreements — including a written Business Associate Agreement (BAA) where applicable — are required before we handle any sensitive billing data or patient-related information on behalf of a practice.
Operational practices
Our internal operational practices include role-based access controls, written internal procedures, workforce training, secure workstation requirements, and incident-response procedures appropriate for a business associate. Specific safeguards are reviewed during onboarding.
Reporting concerns
If you believe an Aveniq team member has handled information improperly, or you have a privacy concern, please contact us using the details on our Contact page so we can review and respond.