Last updated: March 2026
Important: Paperless Billing Pro is designed for use by licensed healthcare providers and authorized billing personnel only. This application handles Protected Health Information (PHI) as defined under HIPAA. Use of this application constitutes agreement to this Privacy Policy.
Paperless Billing Pro ("the App") is a HIPAA-conscious medical billing application that enables healthcare providers to document patient encounters and transmit billing information in real time to authorized billing staff via a secure web portal. This Privacy Policy describes how we collect, use, store, and protect information within the App.
The App collects and processes the following categories of Protected Health Information (PHI) entered by the provider:
Patient name
Date of birth
Medical Record Number (MRN)
Patient type (Inpatient, Outpatient, ER, Observation)
Clinical diagnoses
Billing codes (procedure codes)
Supervised visit status
Follow-up plans
Clinical notes
Hospital name, provider name, and date of service
Information entered into the App is used solely for the following purposes:
Displaying patient encounter data to the provider within the App
Generating PDF rounding sheets for billing submission
Transmitting billing data in real time to authorized billing/coding personnel via a secure web portal
Maintaining a 7-day local archive of PDF rounding sheets
We do not use PHI for advertising, analytics, marketing, or any purpose unrelated to medical billing.
Paperless Billing Pro transmits PHI to cloud servers. This is a key difference from Paperless Billing Lite, which stores data locally only.
When a provider enters a patient encounter and selects billing codes, the following data is automatically and silently transmitted to our secure cloud infrastructure:
All PHI fields listed in Section 2
Transmission occurs over HTTPS using TLS encryption
Data is stored in AWS DynamoDB in the US East (Ohio) region
Data is encrypted at rest using AES-256 encryption
Data is retained for 7 years and then automatically deleted per HIPAA billing record retention requirements
Paperless Billing Pro is designed with HIPAA compliance as a core requirement:
Amazon Web Services (AWS) is our cloud infrastructure provider. We have executed a HIPAA Business Associate Agreement (BAA) with AWS covering all services used, including DynamoDB, AppSync, and CloudTrail
All data in transit is encrypted using TLS/HTTPS
All data at rest is encrypted using AES-256
Access to the biller web portal requires authentication, including multi-factor authentication (MFA)
All data access is logged via AWS CloudTrail for audit purposes
Audit logs are retained per HIPAA requirements
On-device data is protected by iOS device encryption, PIN lock, and AES-256 local encryption
On-device PHI is automatically purged after 14 days
PHI stored in the cloud is accessible only to:
The provider who entered the data
Authorized billing and coding personnel who have been granted access credentials by the practice administrator
AWS infrastructure (as a HIPAA Business Associate) for the purpose of storage and transmission only
We do not share PHI with any other third parties, advertisers, data brokers, or analytics services.
Authorized billing personnel access patient encounter data through a password-protected web portal. The portal:
Requires email and password authentication plus MFA for every login
Is served over HTTPS only
Does not store PHI on portal servers — all data is fetched directly from AWS at the time of access
Automatically expires sessions after inactivity
Displays a PHI warning on every login
On-device: PHI is automatically purged from the device after 14 days
Cloud: PHI is automatically deleted from DynamoDB after 7 years using AWS Time To Live (TTL)
PDF archive: Local PDF copies are automatically deleted after 7 days
Deletion requests: To request early deletion of your data from cloud storage, contact us at the email address below
PIN lock with escalating lockout after failed attempts
15-minute automatic session timeout
AES-256 local encryption for all on-device PHI
TLS encryption for all network communications
AES-256 encryption at rest in AWS DynamoDB
Multi-factor authentication for biller portal access
AWS CloudTrail audit logging of all data access
No PHI stored in application logs, URLs, or analytics
This App is intended for use by licensed healthcare professionals only and is not directed at individuals under 18 years of age. Pediatric patient data may be entered by providers as part of clinical care, and is subject to the same protections described in this policy.
We may update this Privacy Policy from time to time. Any changes will be reflected with an updated "Last updated" date at the top of this page. Continued use of the App following any changes constitutes acceptance of the updated policy.
For privacy-related questions, data deletion requests, or to report a security concern, please contact:
Paperless Billing Pro Support
rajanshu@gmail.com