top of page

Privacy Policy

1. Who we are

Trelth Solutions LLC (“Trelth,” “we,” “our” or “us”) provides AI-driven revenue-cycle-management (RCM), medical-billing, coding, and analytics services to physician groups, clinics, and health-systems in Florida and South Carolina. We operate www.trelth.com (the “Site”) and related client portals (collectively, the “Services”).

Because we routinely handle protected health information (“PHI”) and other sensitive data, safeguarding privacy is foundational to our business and to our obligations under the Health Insurance Portability and Accountability Act of 1996 as amended by the HITECH Act (together, “HIPAA”). We are also committed to the Florida Digital Bill of Rights (“FDBR”) that took effect 1 July 2024 and to emerging privacy requirements in South Carolina, including House Bill 3401 introduced in 2025.

2. Scope of this Policy

This Policy explains how we collect, use, disclose, and protect “Personal Information” (any information that identifies, relates to, describes, or could reasonably be linked to an individual) and PHI when you:

  • visit or interact with the Site;

  • become a client or prospective client;

  • use any of our client-facing portals or integrations; or

  • communicate with us by phone, email, or other channels.

3. Information we collect

Screenshot 2025-06-17 155035.png

We do not knowingly collect data from children under 13, and PHI for minors is processed solely under a Business Associate Agreement (“BAA”) with the minor’s healthcare provider (see § 11).

4. How we collect information

  • Directly from you when you fill forms, schedule demos, or email us.

  • Automatically via cookies, pixels, and similar technologies (see § 12).

  • From clients who authorize us, under HIPAA-compliant BAAs, to receive PHI and claims data from their EHRs, clearinghouses, and payers.

  • From public or commercial sources (e.g., NPPES, claims databases) for verification and enrichment.

5. Legal bases & compliance framework

  • HIPAA/HITECH – We act as a “Business Associate.”

  • FDBR (Florida) – We provide a “reasonably accessible and clear privacy notice,” updated at least annually, describing data categories, purposes, rights, and opt-out mechanisms.

  • South Carolina – While no comprehensive privacy statute is yet in force, we adopt the security and transparency controls proposed in HB 3401 (scstatehouse.gov).

  • Other U.S. laws – We mirror best-practice standards in the CCPA/CPRA, Virginia VCDPA, Colorado CPA, and federal FTC guidance.

6. Why we use personal information

  • Deliver contracted RCM, coding, auditing, utilization-management, prior-authorization, and patient-payment-estimation services

  • Train, validate, and refine our AI-powered analytics and Agentic-AI workflows (never using PHI for generalized model training without a signed HIPAA authorization or robust de-identification)

  • Detect fraud, errors, and cybersecurity threats

  • Support sales, marketing, and customer success operations (you can opt out; see § 9)

  • Comply with legal obligations, audit requirements, and payer rules

7. Our use of AI & automated decision-making

Trelth leverages proprietary large-language-model pipelines and predictive algorithms to:

  • flag coding inconsistencies and denial risks;

  • generate smart prior-auth packages;

  • forecast AR and cash-flow scenarios; and

  • surface revenue-improvement recommendations.

We maintain human oversight for all AI-supported outputs that may affect clinical or financial outcomes, and we conduct data-protection assessments in line with FDBR and industry guidance before deploying new models.

8. How we share information

We never sell PHI or Personal Information. We disclose data only:

  1. To service providers & subprocessors (cloud hosting, secure SFTP, EHR integration, analytics) bound by written contracts, HIPAA where applicable, and the same confidentiality/security standards.

  2. To payers, clearinghouses, and regulatory bodies as required to perform billing or comply with law.

  3. To our advisors (legal, accounting, cybersecurity firms) under NDA.

  4. During a business transfer (merger, acquisition) with continued protection assurances.

  5. With your explicit consent for any other purpose.

9. Your privacy rights

Florida residents (FDBR):

  • Right to know/access, correct, delete, or port personal data

  • Right to opt out of the sale of personal data, targeted advertising, or automated profiling

  • Right to appeal an adverse decision

South Carolina residents: We honor the transparency, access, deletion, and security controls proposed in HB 3401 while the bill proceeds through the legislature.

HIPAA subjects: You may request an accounting of disclosures, restrictions, or amendments to PHI through your healthcare provider.

How to exercise:
Email privacy@trelth.com or call +1-561-454-9670. We will verify your identity (or that of your authorized agent) and respond within 45 days, extendable once as permitted by law.

10. Data retention

  • PHI: minimum 6 years from the date of creation or last use, per 45 C.F.R. § 164.316.

  • Client-contract data: term of engagement + 7 years.

  • Marketing inquiries: 24 months from last interaction.

  • Web analytics & cookie identifiers: 14 months (Google Analytics default) unless you clear or opt-out sooner.

11. Security measures

  • SOC 2-Type II and HIPAA Security Rule-aligned controls

  • Encryption in transit (TLS 1.3) and at rest (AES-256)

  • Role-based access control and MFA

  • Annual penetration testing and continuous SIEM monitoring

  • Incident-response plan aligned with Florida breach-notification amendments

12. Cookies & similar technologies

We use strictly-necessary cookies for portal authentication and optional analytics cookies (Google Analytics 4, Hotjar) to improve user experience. You can manage or disable cookies via your browser or our cookie banner. Disabling may limit functionality.

13. International visitors

Although we primarily serve U.S. healthcare providers, the Site is accessible worldwide. If you access from regions with data-protection laws (e.g., GDPR), you understand your data may be transferred to the U.S., where privacy standards differ. We rely on Standard Contractual Clauses for any cross-border transfers involving EU personal data.

14. Third-party links

Our Site may contain links to EHR vendors, payer portals, or professional resources. We are not responsible for the privacy practices of those sites. Please review their policies before providing information.

15. Changes to this Policy

We update this Policy at least annually to reflect legal or operational changes. Material updates will appear on this page with a revised “Effective Date,” and, where required, we will notify you via email or a prominent banner.

16. Contact us

Privacy Officer
Trelth Solutions LLC
1510 Spring Harbor Drive.
Delray Beach, FL 33444 | 
Phone: +1-561-454-9670
Email: privacy@trelth.com


If you have questions, concerns, or wish to lodge a complaint, please reach out. You may also file a complaint with the U.S. Department of Health & Human Services Office for Civil Rights if you believe your HIPAA rights have been violated.

bottom of page