top of page

Compliance

Coastal Medical Billing is committed to operating with integrity, transparency, and full compliance with applicable federal and state regulations. As a HIPAA-compliant business associate serving healthcare providers across Georgia, we hold ourselves to the highest standards of ethical conduct, data protection, and accountability.

The policies below outline our compliance commitments in detail.

Select any item to read the full policy.

Policies​

Anti-Fraud & Compliance Program

Coastal Medical Billing maintains an active compliance program modeled on the seven elements recommended by the U.S. Department of Health and Human Services Office of Inspector General (OIG). Our program is designed to prevent, detect, and correct fraud, waste, and abuse in all billing operations. Employees and clients are encouraged to report concerns without fear of retaliation.

→ [Read our Anti-Fraud & Compliance Program Statement]

Code of Ethics

Every employee and representative of Coastal Medical Billing is held to clear standards of honesty, accuracy, and professionalism. Our Code of Ethics addresses accurate coding and billing practices, confidentiality obligations, conflicts of interest, and the prohibition against gifts and inducements consistent with the Anti-Kickback Statute.

→ [Read our Code of Ethics & Professional Conduct]

Breach Notification

In the event of a data breach, Coastal Medical Billing follows the notification requirements of Georgia's Personal Identity Protection Act (O.C.G.A. § 10-1-912) and the HIPAA Breach Notification Rule. This policy explains what triggers a notification, who is notified, and how to report a suspected incident.

→ [Read our Data Breach Notification Statement]

Business Associate Agreements

Coastal Medical Billing executes a Business Associate Agreement (BAA) with every covered entity it serves, as required by HIPAA and the HITECH Act. This notice explains our obligations as a business associate, what a BAA covers, and how to request one.

→ [Read our BAA Availability Notice]

Data Security

Our website does not collect, store, or transmit protected health information (PHI). All PHI is handled exclusively through secure, HIPAA-compliant channels that are entirely separate from this website. This statement describes the safeguards we apply to information collected through the site and clarifies how PHI is handled offline.

→ [Read our Data Security Statement]

Client Rights & Responsibilities

We believe effective billing services are built on a shared commitment between Coastal Medical Billing and the providers we serve. This document outlines what you can expect from us — including accurate billing, confidentiality, and prompt breach notification — and the responsibilities we ask our clients to uphold.

→ [Read Client Rights & Responsibilities]

Record Retention & Destruction

Coastal Medical Billing retains records in accordance with HIPAA's six-year retention requirement, CMS guidelines, and applicable Georgia law. When records reach the end of their required retention period, they are destroyed securely using methods consistent with NIST Special Publication 800-88. Clients may request access to records maintained on their behalf.

→ [Read our Record Retention & Destruction Policy]

Social Media & External Communications

Content published by Coastal Medical Billing on social media and third-party platforms is for general informational purposes only and does not constitute professional advice or create a client relationship. Coastal Medical Billing will never request or disclose PHI through any public platform. This disclaimer covers our social media practices, third-party content, and employee use guidelines.

→ [Read our Social Media & External Communications Disclaimer]

Questions or Concerns?

If you have a compliance question, wish to request a Business Associate Agreement, or need to report a suspected breach or security incident, please contact:

Emilee Usry Coastal Medical Billing Phone: (912) 355-8188 | Toll-Free: 1-866-581-8246 Fax: (912) 356-6970 Email: eusry@coastmedbill.com

For breach or security reports, please include "URGENT: Security Incident" in the email subject line.

Website Privacy Policy | Terms of Use | Accessibility Statement | BAA Notice | Data Breach Notification | Contact Us

 

Coastal Medical Billing

Physical address: 1934 East Montgomery Cross Road

Savannah, GA 31406

Mailing address: P. O. Box 16118

Savannah, GA 31416

Phone: (912) 355‑8188

Toll‑free: 1‑866‑581‑8246

Fax: (912) 356‑6970

Primary Contact:  Emilee Usry

Email: eusry@coastmedbill.com

Our website does not collect or store PHI (patient protected health information).

Client PHI is exchanged only through secure portals, encrypted channels, or other agreed secure methods under executed BAAs.

  • BAA / PHI handling: We enter into HIPAA Business Associate Agreements and handle PHI only through secure, non‑website channels. Request a BAA

  • Accessibility: We are committed to WCAG 2.1 AA accessibility; for accommodations contact Emilee Usry at eusry@coastmedbill.com or (912) 355‑8188.

  • Report a breach: To report suspected data security incidents, email eusry@coastmedbill.com or call (912) 355‑8188 and reference our Data Breach Notification page.

© 2026 Coastal Medical Billing. Created by Griffin Consulting and Design.

bottom of page