top of page

Golden Bee Billing Services, LLC 
HIPAA & HITECH Policy

Effective Date: April 2025

Golden Bee Billing Services, LLC (“GBBS,” “we,” “our,” or “us”) is committed to maintaining the privacy and security of protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH).

This HIPAA Privacy Policy explains how we handle PHI in the course of delivering medical billing services to our clients, and outlines your rights and our responsibilities under federal law.

 

1. Our Role as a Business Associate

As a billing company, GBBS acts as a Business Associate to healthcare providers (Covered Entities). We receive, process, and transmit PHI only for the purposes of providing contracted services such as claims processing, payment posting, insurance verification, denial management, and reporting.

We do not use or disclose PHI for any purposes other than those permitted in our Business Associate Agreements (BAAs) or required by law.

​

2. How We Protect Your Information

We maintain administrative, technical, and physical safeguards to protect PHI, including but not limited to:

  • Encrypted communication tools and secure email platforms

  • Password-protected access to all systems containing PHI

  • Device security measures and restricted user permissions

  • Signed confidentiality and HIPAA training requirements for all staff and contractors

  • Regular monitoring and internal policy reviews

 

3. Permitted Uses and Disclosures

We may use or disclose PHI only as required to carry out billing operations on behalf of our clients, including:

  • Submitting claims to payers

  • Following up on denials or appeals

  • Responding to payer audits or medical record requests

  • Assisting with revenue cycle management services authorized in writing

We may also disclose PHI as required by law (e.g., subpoena or court order) or in the event of a breach in accordance with federal notification rules.

 

4. Breach Notification

If there is ever a breach of unsecured PHI that compromises privacy or security, we will notify the Covered Entity in accordance with the HITECH Act and applicable state and federal requirements. We will cooperate fully in breach investigations and mitigation efforts.

 

5. Client Responsibilities

Covered Entities who contract with GBBS remain responsible for:

  • Obtaining patient consent as required under HIPAA

  • Notifying patients of their rights under the HIPAA Notice of Privacy Practices

  • Ensuring a valid Business Associate Agreement is executed

 

6. Your Rights (as a Covered Entity or Authorized Representative)

You have the right to:

  • Request a copy of our signed Business Associate Agreement

  • Inquire about our privacy and security practices

  • Report a suspected privacy violation involving our services

Please contact us at support@gbbillings.com for any questions or requests.

 

7. Changes to This Policy

We reserve the right to update this HIPAA Privacy Policy as needed to remain compliant with changes in law or operational standards. Updates will be posted to this page and reflected by the effective date above.

 

8. Contact Information

If you have any questions or concerns about this policy, please contact:

Golden Bee Billing Services, LLC
PO Box 271022
Ralston, NE 68127
Email: support@gbbillings.com

​

Staff Certification & Compliance Training

Our team completes certified HIPAA training every two years. View our latest credentials below:

​

​

bottom of page