The Cookie Policy outlines, ACE PRO Health’s cookies and similar tracking technologies on our website www.aceprohealth.com.

As an organization we are into Revenue Cycle Management (RCM) and Allied Healthcare Services. We adhere strictly to HIPAA Security Rule requirements, ensuring that no cookies or tracking mechanisms collect, store, or transmit Protected Health Information (PHI).

This policy forms part of our overall Privacy and Compliance Framework.

In accordance with HIPAA regulations, we do not use cookies to collect or process PHI.

We ensure that:

• No cookie tracks individual patient identifiers
• No clinical, billing, or medical data is captured through cookies
• No analytics tools are configured to store PHI
• No user browsing behavior related to healthcare conditions or services is profiled

Any personal data provided voluntarily (e.g., through inquiry forms) is processed through secure, encrypted channels and is not associated with cookie data.

1. Types of Cookies We Use

1.1. Strictly Necessary Cookies

These cookies are essential for secure and reliable website operation. They support:

• Platform security
• Session integrity
• Form validations and anti-bot protection
• Basic site operations

These cookies do not store personal information or PHI.

1.2. Performance & Analytics Cookies (HIPAA-Safe Configuration Only)

We may use analytics tools to understand website performance and visitor behavior in an aggregate, anonymized manner.

To remain HIPAA-aligned, we ensure that:

• IP anonymization is enabled (where applicable)
• User-level identifiers are disabled
• Data sharing is turned off
• No PHI or sensitive data is captured

These cookies help us improve:

• Page performance
• Content relevance
• User experience

Users can opt out of these cookies.

1.3. Functionality Cookies

These cookies enhance user experience by remembering non-sensitive preferences, such as:

• Language settings
• Form auto-fill choices (non-PHI)
• Region selections

These cookies do not store identifiers, personal health information, or login details.

1.4. Marketing & Advertising Cookies (Optional & Consent-Based)

If used, these cookies:

• Do not collect PHI
• Do not profile users based on health-related searches
• Are activated only upon explicit user consent

These cookies may help display relevant service information to prospective healthcare clients, not individual patients.

2. Cookies We Do Not Use

To comply with HIPAA, we do not use:

• Cookies capturing PHI
• Third-party remarketing cookies tied to healthcare interests
• User-level tracking identifiers
• Cross-site behavioral tracking related to health topics
• Tracking pixels on PHI-related pages or client portals
• Tools that combine cookie data with form submissions

3. User Consent & Control

When users first visit our site, they will be presented with a Cookie Consent Banner providing the following options:

• Accept All Cookies
• Reject Non-Essential Cookies
• Manage Preferences

Users may change their choices anytime through our Cookie Settings panel.

Essential cookies cannot be disabled as they maintain secure website functionality.

4. Limitation of Cookie Usage in Client Portals

Client and patient portals (if applicable) operate on dedicated, HIPAA-secure systems separate from the public website.
These portals:

• Do not use marketing cookies
• Use only essential and security cookies
• Are fully encrypted and authenticated
• Are covered under our HIPAA-compliant infrastructure

5. Data Retention

Cookie data is retained only for the duration necessary to support:

• Site performance
• Security
• User-selected preferences

We follow minimum-retention, privacy-first principles.

Last updated: 22-Nov-2025