Notice of Privacy Practices.

When Apellica is engaged to prepare an appeal, the firm functions as a Business Associate to the carriers, providers, and clients whose Protected Health Information passes through the engagement. Apellica handles PHI under HIPAA and HITECH operational controls.

Apellica uses Protected Health Information solely to prepare and coordinate the appeal. This includes assembling medical records, drafting the appeal letter, communicating with the carrier, and coordinating with treating providers when required.

PHI is disclosed only as necessary to perform the appeal: to the carrier through the submission, to providers when records or letters are required, to vendors operating under Business Associate Agreements, and as required by law.

Clients have the right to access PHI Apellica holds about them, request corrections of inaccurate PHI, request restrictions on use, request an accounting of disclosures, and receive notification in the event of a breach affecting their PHI.

Apellica maintains administrative, physical, and technical safeguards to protect PHI, including encryption in transit and at rest, role based access controls, multi factor authentication, and immutable audit logging.

To exercise rights under this notice or to request the full Notice of Privacy Practices, contact the Privacy Officer at privacy@apellica.com.