Privacy Policy:

Privacy Policy

At Merino Computer Concepts, Inc., your privacy and data protection are our top priorities. This Privacy Policy explains how we collect, use, and protect personal information when you visit our website or use our services. As a provider of IT and cybersecurity services—particularly for healthcare clients—we uphold strict privacy standards, including compliance with the Health Insurance Portability and Accountability Act (HIPAA).

1. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, job title, and organization when you contact us or fill out a form.

  • Client Information: For healthcare clients, we may access or process Protected Health Information (PHI) in the course of delivering services.

  • Technical Information: IP address, browser type, operating system, and usage data via cookies or analytics tools.

2. Use of Information

We use the information we collect to:

  • Provide, maintain, and improve our IT, cybersecurity, and support services

  • Respond to inquiries or support requests

  • Customize communications and service offerings

  • Comply with legal and regulatory requirements, including HIPAA

3. HIPAA Compliance

As a service provider supporting healthcare organizations, Merino Computer Concepts, Inc. complies with the HIPAA Privacy and Security Rules when handling PHI. We follow industry best practices for data encryption, access control, monitoring, and breach prevention. When required, we enter into Business Associate Agreements (BAAs) to ensure full compliance with HIPAA regulations.

4. Data Sharing

We do not sell or rent your personal information. We may share data only:

  • With authorized personnel or contractors who support our business operations under strict confidentiality

  • When required by law or legal process

  • With third-party service providers solely to help operate or secure our website and services (e.g., cloud hosting, analytics)

5. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience and gather usage statistics. You can control cookie preferences through your browser settings.

6. Your Rights and Choices

You may contact us to:

  • Access or correct your personal data

  • Request deletion of your information

  • Revoke consent for communication
    Healthcare clients may also request information related to our HIPAA practices or BAAs.

7. Data Security

We use industry-standard security technologies and procedures to protect your data, including administrative, physical, and technical safeguards aligned with HIPAA and cybersecurity best practices. However, no system is entirely immune to risk, and we encourage secure communication practices.

8. Changes to This Policy

We may revise this Privacy Policy from time to time. Updates will be posted on this page with the effective date. Continued use of our services signifies acceptance of any changes.

9. Contact Us

If you have questions about this Privacy Policy, your data, or our HIPAA compliance practices, please contact us at:

Merino Computer Concepts, Inc.
connect@mccpros.com
1-877-365-6800

www.mccpros.com

HIPAA Notice of Privacy Practices

This Notice describes how Protected Health Information (PHI) may be used and disclosed by Merino Computer Concepts, Inc., and how you can access your information.

Merino Computer Concepts, Inc. (“MCC”) is committed to maintaining the privacy and security of our clients’ Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and its implementing regulations.

Our Responsibilities

MCC is a Business Associate that provides IT and cybersecurity services to Covered Entities such as healthcare providers and nonprofit clinics. We:

  • Are required by law to maintain the privacy and security of PHI

  • Provide clients with a Business Associate Agreement (BAA) that outlines permissible uses and disclosures

  • Will not use or share PHI other than as described in the BAA or as permitted by law

  • Use administrative, physical, and technical safeguards to prevent unauthorized access

Permitted Uses and Disclosures

We may use or disclose PHI:

  • For healthcare operations: Only when contracted to do so by the Covered Entity

  • For treatment or payment purposes: Only when necessary for supporting the services provided by the Covered Entity

  • To comply with legal requirements: If required by court order, subpoena, or law enforcement

  • To prevent a serious threat to health or safety: If legally permissible and appropriate

Your Rights

While MCC does not collect PHI from patients directly, we support your rights as outlined by HIPAA, which include:

  • The right to access and receive a copy of your health information from your provider

  • The right to request restrictions or corrections

  • The right to receive a report of certain disclosures

Safeguarding PHI

MCC implements the following safeguards:

  • Data encryption for PHI in transit and at rest

  • Role-based access controls and auditing

  • Secure cloud storage with HIPAA-compliant vendors

  • Breach detection and incident response protocols

Breach Notification

In the event of a data breach involving PHI, MCC will notify affected Covered Entities in accordance with HIPAA’s Breach Notification Rule and contractual obligations.

Questions or Concerns

If you have questions about this notice, or about how your PHI is handled under MCC’s services, please contact us:

Merino Computer Concepts, Inc.
connect@mccpros.com
1-877-365-6800
www.mccpros.com

This notice is provided as a reference for MCC clients and partners. Individual patients should contact their healthcare provider for access to medical records or personal health information.