Privacy Policy

1. Overview

Total Medical Solutions ("we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website totalmedicalsolution.com or engage our healthcare BPO services.

By using our website or services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our services.

2. Information We Collect

Information You Provide Directly

• Contact Information: Name, email address, phone number, job title, and organisation name when you fill out contact forms or request consultations.
• Business Information: Organisation details, service requirements, and operational information provided during onboarding.
• Communications: Records of your correspondence with us, including emails, phone calls, and chat messages.

Information Collected Automatically

• Log Data: IP address, browser type, pages visited, time of visit, and referring URLs.
• Device Information: Device type, operating system, and unique device identifiers.
• Cookies and Tracking Technologies: See our Cookies section for full details.

Information from Third Parties

We may receive information from business partners, analytics providers, and social media platforms, which we may combine with information we already hold about you.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Respond to your inquiries and fulfil service requests
• Send administrative communications (service updates, security alerts)
• Send marketing communications (where you have consented)
• Improve our website, services, and customer experience
• Comply with legal obligations and enforce our terms
• Detect and prevent fraud, abuse, and security incidents
• Conduct analytics and business intelligence activities

4. Sharing of Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: Third-party vendors assisting in operating our website and delivering services, bound by confidentiality obligations.
• Business Partners: With your consent or as necessary to deliver engaged services.
• Legal Requirements: When required by law, subpoena, or governmental authority, or to protect our rights, property, or safety.
• Business Transfers: In connection with a merger or acquisition, with notice provided to affected users.

5. HIPAA Compliance

Total Medical Solutions takes HIPAA compliance extremely seriously. As a Business Associate to covered healthcare entities, we implement comprehensive safeguards to protect Protected Health Information (PHI):

• All staff handling PHI undergo mandatory annual HIPAA training and certification
• PHI access is restricted on a strict need-to-know basis with role-based controls
• All PHI is encrypted at rest (AES-256) and in transit (TLS 1.2+)
• Comprehensive breach notification procedures are maintained and tested regularly
• Business Associate Agreements are executed with all covered entity clients
• Regular risk assessments are conducted per HIPAA Security Rule requirements

6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Cookies are small files stored on your device that help us:

• Essential Cookies: Required for basic website functionality. Cannot be disabled.
• Analytics Cookies: Help us understand visitor interactions (e.g. Google Analytics). Can be opted out via our cookie consent manager.
• Marketing Cookies: Used to deliver relevant advertisements. Require explicit consent.

You can control cookies through your browser settings or our cookie consent manager. Disabling certain cookies may affect website functionality. For more information, visit allaboutcookies.org.

7. Data Security

We implement industry-standard security measures to protect your information:

• SSL/TLS encryption for all data transmitted to and from our website
• AES-256 encryption for data stored in our systems
• Regular third-party security audits and penetration testing
• Multi-factor authentication for all internal systems
• Documented incident response plan with defined breach notification procedures

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain personal information for as long as necessary to fulfil the purposes described in this policy:

• Client service records: Duration of the service relationship plus 7 years
• Marketing communications: Until you opt out or withdraw consent
• Website analytics data: 26 months (anonymised after 14 months)
• Legal and compliance records: As required by applicable law

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests or direct marketing
• Withdraw Consent: Where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at info@totalmedicalsolution.com. We respond within 30 days.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Updating the "Last Updated" date at the top of this policy
• Sending an email notification to clients with active service agreements
• Displaying a prominent notice on our website

Your continued use of our services following notification constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy, please contact us: