Privacy Policy

Contents

Effective Date: December 15, 2025

Triton Claim Management, LLC (“Triton”, the “Company”, or “us”, “we”, and “our”) respects and values your privacy and we are dedicated to sharing our methods and approach to how we collect, use, share, and protect your personal information in this policy (“Privacy Policy”). This Privacy Policy describes how our Company handles personal information:

  • From visitors to our website or web-based applications (“Websites”)
  • Contacts with our clients and/or prospective clients
  • Contacts for suppliers of goods and services to Company
  • From any other individual about whom Company obtains personal information in the provision of legal services to our clients (“Client Services”)
  • From those who apply to work for us

The items outlined above are collectively called “Services”.

Information We Collect About You

For the purposes of this Privacy Policy, Personal Identifiable Information (“PII”) is information that relates to an identified or identifiable person, whether alone or in combination with other information. Company collects the following types of Personal Information:

  • Contact and Basic Information: name, title, phone number, organization, job responsibilities, gender, mailing address, and email address.
  • Claims Data: government identifiers, or other identification documents including but not limited to Social Security number, driver’s licenses, date of birth, beneficial ownership, ISO and CIB Claim Search, medical records, and due diligence data.
  • Client Service Information: Personal Information received from clients regarding their employees or other individuals known to clients, invoicing details and payment history, and client feedback.
  • Device Data: IP address, unique device identifiers, cookies, and other data linked to a device, and data about the usage of our Websites.

Cookies, Pixels, and Similar Technologies

Our Websites may use “cookies” and similar technologies to enhance your experience and to compile statistical information about how the Websites are used.[1] A cookie is a small file placed on your browser or device by a website, which is then stored in a designated cookies folder on your device. We use cookies to help personalize your experience and to generate usage statistics about our Websites, such as which pages are visited most frequently. We also use pixels (including clear GIFs and web beacons) to track user interactions with our Websites and emails, measure the effectiveness of our marketing campaigns, understand whether our emails are forwarded, and compile statistics about Website usage and email response rates.

We do not currently respond to “Do Not Track” signals. Most browsers allow you to block or delete cookies or to choose whether to accept certain cookies. You can visit http://www.allaboutcookies.org/manage-cookies/index.html/ for more information about managing cookies. Please note that if you choose not to accept cookies, you may experience reduced functionality or other inconveniences when using our Website.

Sources of Personal Information

Company may collect Personal Information from a variety of sources, including:

  • Directly from Claimants including but not limited to:
    • Claim forms
    • Email
    • Phone calls
    • Medical records
    • Employment records
    • Driver’s License
  • Direct from Insurance brokers including but not limited to:
    • Claim forms
    • Email
    • Phone calls
    • Insurance Application Forms
  • Direct from Insureds including but not limited to:
    • Claim forms
    • Email
    • Phone calls
    • Business records
    • Driver’s License
  • Third Parties including but not limited to:
    • Claim Index Bureau reports (“CIB”) from the Insurance Services Office (“ISO”) online
    • Background checks via investigative agencies
    • Social media searches via investigative agencies
    • Medical records with HIPAA authorization only
    • Department of Motor Vehicles

Company collects Personal Information when it is necessary to provide the requested services to you or to deliver services to our clients. If you choose not to provide requested information, Company may be unable to provide some or all of the Services. Where Company receives Personal Information from its clients about employees or other individuals, the client is responsible for ensuring that such Personal Information is provided to Company in compliance with applicable data protection laws and regulations.

Data Minimization

Company collects only the Personal Information that is necessary and relevant to fulfill the specific purposes described in this Privacy Policy. We do not collect excessive or irrelevant data and regularly review our collection practices to ensure compliance with data governance practices including data minimization principles under applicable data protection laws.

Uses of Personal Information

The purposes for which Company uses Personal Information, and the legal basis for such use are as follows:

  • Management of our business operations and administration of our client relationships. We engage in this activity to fulfil our ethical, legal and contractual obligations with clients and suppliers.
  • Enhancing the functionality of our Websites. We engage in this activity because we have a legitimate interest in monitoring how our Websites are used to help us provide better services to our Website users.
  • Fraud and security monitoring purposes. We engage in this activity because we have a legitimate interest detecting and preventing fraud, crimes and other misuse of our Websites and networks.
  • Data analysis, to improve the efficiency of our services and identify trends. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
  • Auditing internal processes for proper functioning. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
  • To provide relevant marketing materials. We engage in this activity because we have a legitimate interest or because we have obtained consent.
  • Compliance with legal and regulatory obligations. We engage in this activity to manage our relationships with clients, to comply with legal obligations, and/or because we have other legitimate interests.
  • To evaluate and consider individuals for employment and manage on-boarding procedures. We engage in this activity because we have a legitimate interest and/or to comply with our legal obligations.
  • The provision of legal advice/services and response to inquiries. We engage in this activity to fulfil our ethical, legal and contractual obligations with our clients.

Company may aggregate, de-identify, and/or anonymize Personal Information so that it is no longer reasonably capable of being associated with an identifiable individual. We may use and disclose such de-identified or aggregated information for any lawful business purpose.

Disclosure of Personal Information

We may disclose Personal Information to:

  • Our subsidiaries, affiliates and joint venture partners
  • Contractors, vendors and services providers
  • Counterparties to transactions or disputes, and their counsel
  • Courts, arbitrators, mediators, and others as necessary to represent our clients

We may also disclose Personal Information as necessary to:

  • Comply with any applicable laws and regulations and subpoenas
  • To cooperate with public and government authorities
  • To cooperate with law enforcement when legally required to do so
  • To enforce our terms and conditions
  • To protect our rights, privacy, safety or property, and/or that of our affiliates, or others.
  • Effectuate any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) with a third party

Protection of Personal Information

We use reasonable and appropriate administrative, technical, and physical safeguards within  currently acceptable standards of care  designed to protect Personal Information against accidental loss and unauthorized access, use, alteration, and disclosure. However, no method of transmission over the Internet or method of electronic or physical storage is completely secure, so absolute security cannot be guaranteed.

HIPAA and Business Associate Obligations

Company serves as a Business Associate (“BA”) under the HIPAA Privacy Rule (45 CFR 164.502(e), 164.504(e)) for Covered Entity clients (health plans, healthcare providers, clearinghouses) when performing HIPAA-regulated functions involving Protected Health Information (PHI), including claims processing, administration, data analysis, utilization review, quality assurance, billing, benefit management, and related legal services.

Direct Liability & Compliance

As amended by the HITECH Act, Company is directly liable under HIPAA for its own uses and disclosures of PHI, including:

  • Compliance with the HIPAA Security Rule for ePHI
  • Breach notification obligations
  • Prohibition on impermissible uses/disclosures
  • Minimum necessary standards for PHI use

HIPAA Status and Marketing Uses of PHI

In some circumstances, Company acts as a Business Associate to Covered Entity clients under HIPAA when performing services that involve the creation, receipt, maintenance, or transmission of Protected Health Information (“PHI”), as described in the “HIPAA and Business Associate Obligations” section of this Privacy Policy. In other circumstances, Company does not act as a Business Associate and does not receive or handle PHI, including but not limited to connection with certain non-healthcare related claims, broker or producer communications that do not involve PHI, and general interactions with visitors to our Websites. In those situations, HIPAA and our Business Associate obligations do not apply, and the information we collect, use, and disclose is governed by this Privacy Policy and applicable non-HIPAA privacy and data protection laws.

When Company is acting as a Business Associate and handling PHI on behalf of a Covered Entity, Company does not use PHI for marketing purposes, except as expressly permitted by HIPAA or as authorized in writing by the individual or the Covered Entity in accordance with applicable law. Company does not sell PHI and does not permit third parties to use PHI for their own independent marketing purposes.

Information for Patients and Website Visitors

When Company performs services that involve PHI on behalf of a Covered Entity, patients and plan members retain the privacy rights afforded to them under HIPAA, including rights of access, amendment, and an accounting of certain disclosures of their PHI, which are generally exercised through the applicable Covered Entity. Patients and plan members are encouraged to review the Notice of Privacy Practices of their health plan or healthcare provider for more information about their HIPAA rights and how to exercise them.

For visitors to our Websites, information you provide to us through the Websites (such as contact information or inquiry details) is typically not PHI and is handled under this Privacy Policy rather than the HIPAA Notice of Privacy Practices of any particular Covered Entity. If you are a patient or plan member and have questions about whether information you provide in connection with our Services is subject to HIPAA, you may contact us as described in the “Contact Us” section or contact your health plan or healthcare provider.

Purpose Limitation

Personal Information is collected, used, and disclosed only for the purposes outlined in this Privacy Policy or otherwise notified to you at the time of collection. Company will not use Personal Information for materially different or incompatible purposes without providing notice and, where required by law, obtaining your written consent.

Cross-Border Data Transfers

We may transfer Personal Information to jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of protection as your country of residence. By using our Services, you understand that your information will be transferred to the United States or to other countries in which our Company operates.

For transfers of Personal Information from the European Economic Area (EEA) to countries not considered adequate by the European Commission, the Company has put in place adequate measures, such as the standard contractual clauses adopted by the European Commission, to protect Personal Information.

Choices and Access

You have choices regarding marketing-related communications. If you no longer want to receive marketing-related emails from the Company, you may opt-out by following the unsubscribe instructions in our marketing emails.

If you would like to request access to, or review, correct, update, suppress/delete, or restrict or object to the processing of your Personal Information, or if you would like to request an electronic copy of your Personal Information, please contact us as described in the “Contact Us” section below. Company will respond to your request in accordance with applicable law.

In your request, please clearly describe what you are asking us to do, including which categories of Personal Information are involved. For your protection, Company may need to verify your identity before acting on your request and will respond as soon as reasonably practicable.

Retention Period

We will retain your Personal Information for as long as you are a client, and/or as long as necessary to perform the Company’s services, and for as long as required by our legal, regulatory, and ethical obligations.

Third Party Websites

The Websites may contain links to third-party sites that are not affiliated with Company, such as Facebook, X (formerly Twitter), and LinkedIn. This Privacy Policy does not apply to those third-party sites, and your use of them is subject to their own privacy practices. You are encouraged to review the privacy and security practices of any linked third-party website before providing any Personal Information on or through that site.

Contact Us

If you have questions or concerns regarding our Privacy Policy or practices, you may contact us using the following details:

  • Email Address: claims@tritonclaims.com
  • Postal Address:
    Triton Claim Management, LLC
    Attention: Information Privacy Compliance Dept
    PO Box 537
    Alpharetta, Georgia 30009
    Tel: 800 537 8023

Changes to this Privacy Policy

Company may update this Privacy Policy from time to time. When we do, we will post the updated version on this site and revise the “Last Updated” date at the top of the page. Any changes will become effective when the revised Privacy Policy is posted. Your continued use of the Services after any changes are posted means that you accept the revised Privacy Policy.

Additional Information Regarding the EEA

You may lodge a complaint with the data protection authority in your country or region, or where an alleged infringement of applicable data protection law has occurred. Before doing so, you are encouraged to contact us directly so that we have an opportunity to address and resolve any concerns about your privacy.

[1] We may use cookies and third-party technologies that record user interactions, including clicks, keystrokes, page navigation, and chat communications, for analytics, security, and to improve our services. These technologies may collect and monitor information you enter or submit on this site. By clicking “I Agree,” you consent to this collection and monitoring. If you do not agree, you may decline and leave this page (or continue with limited functionality.)

Triton CMS for Programs
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.