Privacy Policy

AppealIQ LLC ("AppealIQ," "we," "our," or "us") operates the website tryappealiq.com and provides healthcare denial appeal and prior authorization letter generation services. This Privacy Policy describes how we collect, use, disclose, and protect your information.

1. Information We Collect

Contact Information: Name, email address, phone number, and clinic name when you request early access, submit an inquiry, or sign up for our service.

Protected Health Information (PHI): When clinics submit cases through our intake forms, we receive patient-related clinical data necessary to generate appeal and prior authorization letters. This may include patient names, dates of birth, member IDs, diagnosis codes, treatment history, and clinical scores.

Usage Data: We collect anonymous analytics data about how visitors interact with our website (pages visited, time on site). We do not use third-party tracking cookies for advertising.

2. How We Use Your Information

• To generate denial appeal and prior authorization letters as requested by clinics
• To communicate with you about our services
• To improve our tool and service quality
• To comply with legal obligations, including HIPAA requirements

3. Protected Health Information (PHI) Handling

Zero PHI Storage Architecture: AppealIQ operates on a zero-PHI-storage model. Patient data is processed in memory only during letter generation and is never written to any persistent database. Once the letter is generated and delivered, PHI is not retained on our systems.

HIPAA Compliance: AppealIQ is fully HIPAA compliant. We sign a Business Associate Agreement (BAA) with every clinic before processing any PHI. Our infrastructure partners (AWS Bedrock, Google Workspace) have executed HIPAA BAAs with AppealIQ.

PHI Transmission: PHI is encrypted in transit using TLS/HTTPS when transmitted to our AI processing service (AWS Bedrock) and when delivered back to the clinic.

PHI Retention: Form submissions containing PHI are deleted from Google Workspace within 72 hours of letter delivery per our data retention policy.

4. Information Sharing

We do not sell, rent, or trade your personal information or PHI to third parties. We share information only with:

• AWS (Amazon Web Services): Our AI processing partner, under a signed HIPAA BAA
• Google Workspace: Our email and form hosting provider, under a signed HIPAA BAA
• As required by law: To comply with applicable laws, regulations, legal processes, or governmental requests

5. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including:

• Encryption at rest (FileVault full-disk encryption) and in transit (TLS/HTTPS)
• Password hashing (PBKDF2-SHA256) with login lockout protections
• Multi-factor authentication (TOTP) capability
• Hash-chained immutable audit logs
• Rate limiting and session timeout controls
• Content Security Policy (CSP) headers

6. Your Rights

You have the right to:

• Request access to the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your personal information (subject to legal retention requirements)
• Opt out of marketing communications at any time

7. Breach Notification

In the event of a breach involving unsecured PHI, AppealIQ will notify affected individuals and the Department of Health and Human Services (HHS) in accordance with HIPAA Breach Notification Rule (45 CFR §§ 164.400-414), including notification within 30 days of discovery.

8. Children's Privacy

AppealIQ is a B2B service for healthcare providers. We do not knowingly collect personal information from individuals under the age of 13.

9. Changes to This Policy

We may update this Privacy Policy periodically. The "Last Updated" date at the top of this page indicates when the policy was most recently revised. Continued use of our services after changes constitutes acceptance of the updated policy.

10. Contact Us

For questions about this Privacy Policy, HIPAA compliance, or to exercise your rights:

AppealIQ LLC
Dr. Muhammad Farhan Aftab, MD — CEO
3712 Wynnewood Dr, Cedar Falls, IA 50613
Email: MuhammadA@tryappealiq.com