Privacy Policy


Interpretation and Definitions

The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

For the purposes of this Privacy Policy:

You – means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Company – (referred to as either “the Company”, “We”, “Us”, “Our”, or “AaNeel” in this Agreement) refers to AaNeel Infotech LLC, 6650 Gunn Hwy, Tampa, FL 33625.
  • Service – refers to AaNeel Infotech products and services, such as AaNeel website(s), Electronic Medical Records (EMR) systems, provider practice management systems, healthcare management systems and/or portals (e.g.: Member/Patient Portals, Provider Portals, Broker Portals), software or mobile applications, or other healthcare technology solutions.
  • Service Provider – means any natural or legal person who processes the data on behalf of the Company. It refers to third party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
  • Personal Data – is any information that relates to an identified or identifiable individual.
  • Cookies -are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
  • Breach – unauthorized and not permitted access, use, or disclosure of protected health information, as specified under the Standards for Privacy of Individually Identifiable Health Information (the “Privacy Rule”), that compromises the security or privacy of the protected health information.

Background / Purpose

AaNeel defines Privacy Policy as a legal agreement that is used to disclose the way it gathers, uses and manages the personal information of customers and clients. AaNeel is committed in protecting the privacy of the persons who use the electronic systems that it provides. This document describes AaNeel’s policies and practices regarding the collection and use of personally identifiable information. Personally identifiable information (PII) that AaNeel may collect may include domain names, Internet Protocol (IP) addresses, e-mail addresses contact information (such as name, address, and telephone numbers) and any other information that clients otherwise provide and/or we receive through our systems (“information”).

Policy Statement

AaNeel team provides contractual services, technical and business support for various healthcare organizations, groups and individuals serving Medicare beneficiaries. The Team activities are based on assigned tasks involving healthcare (Medicare) beneficiaries, health care providers and payors. As such, it is expected that each team member performs his/her assigned tasks efficiently and effectively, maintains privacy and security, abides by the workplace discipline and treats clients and beneficiaries with respect and dignity.


Data Collection Practice

AaNeel only collects and uses information for the purpose of providing the information and services that clients need and request. AaNeel does not and will not sell or lease information that it collects. Information collected is only used for a proper business purpose and at no time will be used outside that scope. Personal data processed by AaNeel shall not be kept for longer than is necessary for the intended process or purposes and required by the law. Clients have the right to request that their information be deleted, once the request has been verified the data will be deleted within a reasonable timeframe and as per agreement.

Information We Receive from Beneficiaries:
AaNeel collects beneficiary name, postal address, email address, phone number, and other demographic information (such as gender, occupation, and ethnicity) as well as other information provided by the beneficiaries (such as education and language preference).

Information We Get from Other Organizations and Entities:
AaNeel may receive additional information about beneficiaries from clients, organizations, and entities, such as information from third parties, such as regulatory agencies (CMS, HHS, State), business partners, marketers, researchers, analysts, and other parties that we may use to supplement the information that we collect directly from you.

Information from the use of AaNeel Mobile Apps:
When clients use AaNeel mobile application (apps), it may collect information about the type of device and operating system they use. AaNeel may ask you if you want to receive push notifications about activity in your account. If you opt into these notifications and no longer want to receive them, you may turn them off through your operating system. AaNeel doesn’t access or track any location-based information from your mobile device unless you’ve given us permission. AaNeel may use analytics software (such as to help us better understand how people use our application. AaNeel may collect information about how often you use the app, AaNeel follows an opt-in permission-based text message (SMS) enrollment policy. AaNeel will not send unsolicited, bulk or commercial offers or advertisements without permission. All SMS messages contain information on how to unsubscribe from the list. You may leave our lists at any time for any reason. If you have any questions or feel that you received unsolicited email or an unsolicited SMS message, please contact us.

Use of Personal Information:
AaNeel may use personal information for following purposes:

  • To provide service(s) to clients, which includes physicians, physician groups, health management organizations, accountable care organizations, independent provider associations, management services organizations, and other healthcare providers and industry associates.
  • To operate, maintain, and improve our sites, products, and services.
  • To respond to comments and questions and provide customer service.
  • To send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
  • To communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners.
  • To process and deliver contest entries and rewards.
  • To link or combine user information with other information.
  • To provide and deliver products and services at customer’s request.
  • Information may be used for treatment.
    For example, AaNeel may use or disclose health information to aid clients with beneficiary’s coordination of care.
  • Information may be used for payments due to AaNeel or its clients.
    For example, information may be used to determine beneficiary coverage of benefits, to process claims, to identify and report incentive and quality measure data, or for other health care services and solutions provided by AaNeel to its clients.
  • Information may be used for health care operations
    For example, AaNeel may use or disclose health information as necessary to effectively manage daily operations related to contracted services for health care related clients. We may also use or disclose, as-needed, protected health information in order to support AaNeel business activities. These activities may include, but are not limited to, quality improvement initiatives, compliance and auditing activities, training, and accreditation.

Sharing of Information
AaNeel may share information as follows:

  • We may use third-party web analytics services on our services to collect and analyze the information discussed above, and to engage in auditing, research and reporting.
  • We may share information if company merges or is combined with any other organization, or if it transfers all or substantially all of its assets or operations to another organization, it may disclose information it collects from you to the other organization so that the other organization can continue to provide services to you while maintaining your information rights of both access and choice. The other organization will be bound by this policy.
  • We may share information for legal, protection, and safety purposes.
  • We may share information to comply with laws.
  • We may share information to respond to lawful requests and legal processes.
  • We may share information to protect the rights and property of its agents, customers, and others. This includes enforcing agreements and policies AaNeel may share information in an emergency. This includes protecting the safety of its employees and agents, its customers, or any person.
  • We may share information with those who need it to do work for it
  • We are prohibited from using or disclosing protected health information that is genetic information of an individual, unless doing so under contractual obligation for a client that is an issuer of a long-term care policy.
  • AaNeel must obtain an authorization for any disclosure of psychotherapy notes, except to carry out the following treatment, payment, or organizational operations:
    • Use for treatment.
    • Use or disclosure for training programs; and/or,
    • Use or disclosure to defend the organization in legal action or other proceeding brought by the individual and/or their legal representative(s).
  • AaNeel must obtain an authorization for marketing.
  • Other uses and disclosures not described in this Privacy Policy will be made only with the individual’s written authorization, as required by law.
    • Individuals granting authorization may later revoke an authorization in writing as provided by law.

Third Party Providers:
AaNeel may contract with other companies to provide various services to its customers on an outsourced basis rather than performing the services directly. For example, AaNeel may contract with a cloud hosting provider to host some or all of the processing and communication services that AaNeel provides. By continuing to use our services, you consent to AaNeel’s use of these third party providers.

AaNeel processes and/or maintains personal information it receives according to Industry best practices and subsequently transfers any and all liabilities to third parties acting as an agent or on its behalf. AaNeel complies with the industry standards for all onward transfers of personal data including the onward transfer liability provisions.

User Consent Practice

AaNeel follows strict policies on user consent. The five elements below must ALL be met for consent to be considered valid:

  1. Freely given – Individual(s) must not be coerced or pressured into giving consent, or suffer any lack of service or detriment if they refuse to provide consent.
  2. Specific – Individual(s) must agree specifically to each type of data use.
  3. Informed – Individual(s) must be informed of the type of information collected and how it is used.
  4. Unambiguous – Consent language must be clear and easy to understand.
  5. Clear affirmative action – Individual(s) must expressly consent by providing/completing an action that proves consent. For example, individual(s) may submit written consent, use a system consent indicator, such as a system checkbox or another system mechanism to document consent, or may provide verbal consent that can be documented.

When is Consent Required?:

  1. Consent: the individual or client has given clear consent to process their personal data for a specific purpose.
  2. Contract: the processing is necessary for a contract AaNeel has with the individual / client or because the individual or client has asked to take specific steps before entering into a contract.
  3. Legal Obligation: The processing is necessary to comply with the law (beside contractual obligations).
  4. Vital Interest: The processing is necessary to protect someone’s life.
  5. Legitimate interest: The processing is necessary for AaNeel’s legitimate interest or legitimate interests of a third party, unless there is a good reason to protect personal data which overrides those legitimate interests.

Generally speaking, AaNeel will not ask for consent if:

  • AaNeel is carrying out a core or contracted service.
  • AaNeel is required to process personal data by law (legal obligation).
  • AaNeel is processing personal data to the benefit of clients in a way that the users would reasonably expect, with minimal risk and impact on individuals (legitimate interests).

AaNeel will ask for consent while offering a genuine choice over a non-essential service. Typical examples include:

  • Using tracking/advertising cookies.
  • Sending marketing emails or newsletters.
  • Sharing personal data with other companies for commercial purposes.

Security Policy

AaNeel maintains Data Security by protecting the integrity, confidentiality, and availability of Protected Health Information (PHI) and electronic-PHI (e-PHI) that is held or transmitted by AaNeel. AaNeel maintains reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI that it receives, stores, and transmits.

How Information is Protected by AaNeel

  1. AaNeel ensures the confidentiality, integrity, and availability of all e-PHI it creates, receives, maintains, or transmits.
  2. AaNeel identifies and protects against reasonably anticipated threats to the security or integrity of the information.
  3. AaNeel protects against reasonably anticipated, impermissible uses or disclosures.
  4. AaNeel ensures compliance by its workforce.
  5. AaNeel implements and maintains protective measures like, secure user access and encryption.

AaNeel ensures the three core components of data protection as follows:


  • That e-PHI is not available or disclosed to unauthorized persons
  • Prohibits against improper uses and disclosures of PHI.

Integrity (storage)

  • That e-PHI is not altered or destroyed in an unauthorized manner.

Availability (Access)

  • That e-PHI is accessible and usable on demand by an authorized person.

How AaNeel Ensures HIPAA Security
Risk Analysis and Management

  • Identify Risk
  • Implement appropriate security measure
  • Maintain continuous, reasonable, and appropriate security protections

Administrative Safeguards

  • Establish a Security Management Process
  • Designate security personnel
  • Workforce Training and Management
  • Perform periodic evaluation

Technical Safeguard

  • Access control – Implement technical guidelines to allow only authorized people to handle e-PHI
  • Audit controls – hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI
  • Integrity control – Electronic measures must be put in place to confirm that e-PHI has not been improperly altered or destroyed
  • Transmission Security – guard against unauthorized access to e-PHI when transmitted over an electronic network

AaNeel Guideline for Cyber Security and Breach Notification Policy
Reporting Requirements

  • Office of Civil Rights (OCR) – Notice of breach to the Secretary and US Department of Health and Human Services (HHS):
    • Breaches Affecting 500 or More Individuals
      If a breach of unsecured protected health information affects 500 or more individuals, as a Covered Entity, AaNeel shall notify required parties timely. Notification to the Secretary of the breach shall be provided as required and without unreasonable delay.
    • Breaches Affecting Fewer than 500 Individuals
      If a breach of unsecured protected health information affects fewer than 500 individuals, as a Covered Entity, AaNeel shall notify required parties timely. Notification to the Secretary of the breach shall be provided within 60 days of the end of the calendar year in which the breach was discovered.
  • Federal Bureau of Investigation (FBI) – AaNeel shall work with authorized federal agencies and investigations, responding timely to authorized requests.
  • Homeland Security – AaNeel shall work with authorized federal agencies and investigations, responding timely to authorized requests.
  • Office of Inspector General (OIG) – AaNeel shall work with authorized federal agencies and investigations, responding timely to authorized requests.
  • Federal Trade Commission (FTC) – AaNeel shall work with authorized federal agencies and investigations, responding timely to authorized requests.

What AaNeel Will Do?

  • Perform Risk Assessment
  • Address Identified Risks
  • Provide notification(s) following a breach of protected health information as per applicable breach notification provisions implemented and enforced by applicable local and federal regulatory agencies.

Who It Applies To?

  • Covered Entities
  • Business Associates
  • Healthcare vendors, software developers, medical device companies, and other third-party service providers (monitored by the FTC)

Career Note

Please be advised that AaNeel Infotech, nor its affiliates or representatives, will ask for money from individuals under any circumstances to lure them with employment opportunities. If you receive any offer that purports to be from our company, which ask for money, these types of offers are fraudulent. Under no circumstances will AaNeel, its affiliates, or representatives, be liable or responsible for any loss, damage, expense, or inconvenience resulting from these unauthorized attempts and/or activities.

Our Duty

AaNeel is required by law to maintain the privacy of protected health information, to provide clients and/or individuals with notice of its legal duties and privacy practices with respect to protected health information, and to notify affected clients and/or individuals following a breach of unsecured protected health information.

All AaNeel products, subsidiaries, and affiliates are required to abide by the terms of the notice currently in effect. AaNeel reserves the right to change the terms of this Privacy Policy and to make the new notice and provisions effective for all protected health information that it maintains. In the event AaNeel makes a material change this Privacy Policy it shall notify all impacted clients and provide them with a revised notice prior to effectuation in electronic or hardcopy format.

Contact Us

AaNeel recognizes individuals’ rights with respect to protected health information. If you have any questions about this notice or want to exercise any of your rights or file a complaint, please contact us at the below.

  • By Mail: AaNeel Infotech LLC
    ATTN: Privacy Officer
    6650 Gunn Hwy
    Tampa, FL 33625
  • By email:
  • Ext.135
  • Toll-Free Compliance Hotline: 1 (800) 828-1358
  • By Phone: 813-200-5600

AaNeel will not retaliate or act against individuals exercising their rights or for filing a complaint. Our senior privacy and security officials monitor these channels and will respond to you as soon as possible. Individuals may also submit privacy related complaints directly to the Secretary of the U.S. Department of Health and Human Services. You may email your complaint to

Effective 12/21/2023