Effective Date: June 10, 2025 · Last Updated: May 20, 2026
Meridian Surgical Supplies ("Meridian," "we," "us," or "our") is committed to protecting the privacy and security of the personal information and protected health information of our customers, patients, website visitors, and business partners. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, place an order, or otherwise interact with us.
As a supplier of durable medical equipment, prosthetics, orthotics, and supplies (DMEPOS) and surgical supplies, Meridian is a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its implementing regulations. We take that responsibility seriously and maintain a formal HIPAA compliance program, described in Section 7 below.
Please read this Privacy Policy carefully. By accessing or using our website or services, you acknowledge that you have read and understood the practices described here.
We collect several categories of information depending on how you interact with us:
Information you provide directly. This may include your name, mailing address, email address, telephone number, date of birth, insurance and Medicare/Medicaid information, prescriptions and physician orders, payment and billing information, and any other information you submit when placing an order, creating an account, or contacting us.
Protected Health Information (PHI). In the course of providing equipment and supplies, we may receive and maintain health information that identifies you and relates to your physical or mental health condition, the care provided to you, or payment for that care. The handling of PHI is governed by HIPAA and is described in Section 7.
Information collected automatically. When you visit our website, we may automatically collect technical information such as your IP address, browser type, device identifiers, pages viewed, and the dates and times of your visits, through cookies and similar technologies (see Section 6).
Information from third parties. We may receive information from healthcare providers, referring physicians, insurers, and other authorized sources necessary to fulfill your order and process claims.
We use the information we collect to:
We do not sell your personal information or PHI.
We may disclose information in the following circumstances:
Treatment, payment, and healthcare operations. As permitted by HIPAA, we share PHI with healthcare providers involved in your care, with payers to obtain payment, and as needed to run our operations.
Service providers and business associates. We share information with third parties that perform services on our behalf, such as billing companies, shipping carriers, IT and hosting providers, and claims processors. Where these vendors handle PHI, we require a Business Associate Agreement (see Section 7).
Legal and regulatory disclosures. We may disclose information when required by law, regulation, subpoena, court order, or governmental request, including to the Centers for Medicare & Medicaid Services (CMS) and other oversight bodies.
Business transfers. In the event of a merger, acquisition, or sale of assets, information may be transferred subject to the protections of this Policy and applicable law.
We maintain administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of the information we hold. These include access controls, encryption where appropriate, secure transmission protocols, workforce training, and ongoing risk assessment. While we work diligently to protect your information, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Our website uses cookies and similar technologies to operate the site, remember your preferences, and analyze traffic. You can control or disable cookies through your browser settings, though some site features may not function properly as a result. We may use third-party analytics services that collect website usage data; these providers act under their own privacy policies.
Please note: our public website is not the channel through which we collect or transmit PHI. PHI is handled through secure, designated processes consistent with our HIPAA program.
Meridian Surgical Supplies is a covered entity under HIPAA and maintains a comprehensive HIPAA compliance program governing the use and disclosure of protected health information.
PHI is individually identifiable health information that we create, receive, maintain, or transmit, in any form. We protect PHI in accordance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule, as well as applicable state law where it provides greater protection.
We use and disclose PHI primarily for treatment, payment, and healthcare operations, as permitted by the HIPAA Privacy Rule. For most other uses and disclosures, we obtain your written authorization, and you may revoke that authorization at any time as provided by law.
When using, disclosing, or requesting PHI, we limit the information to the minimum necessary to accomplish the intended purpose, except where the minimum necessary standard does not apply (such as disclosures for treatment).
If you are a patient, you have the right to:
To exercise any of these rights, contact our Privacy Officer using the information in Section 13. These rights and the details of our privacy practices are described more fully in our Notice of Privacy Practices, available upon request.
We implement administrative, physical, and technical safeguards required by the HIPAA Security Rule to protect electronic PHI, including workforce training and sanctions, access management, audit controls, device and media controls, and contingency planning.
Before sharing PHI with vendors or partners that perform functions on our behalf, we enter into Business Associate Agreements requiring those parties to safeguard PHI consistent with HIPAA.
In the event of a breach of unsecured PHI, we will notify affected individuals, and where required the U.S. Department of Health and Human Services and the media, in accordance with the HIPAA Breach Notification Rule and applicable state breach notification laws.
Meridian has designated a Privacy Officer and a Security Officer responsible for developing, implementing, and overseeing our HIPAA compliance program and for receiving privacy-related complaints and inquiries.
We retain personal information and PHI for as long as necessary to fulfill the purposes described in this Policy and to comply with our legal, regulatory, accreditation, and recordkeeping obligations, including Medicare supplier documentation retention requirements. When information is no longer required, we dispose of it securely.
Our website is not directed to children under the age of 13, and we do not knowingly collect personal information from children online. We do, however, provide medical and surgical supplies that may be used by minors; in those cases, information is provided and managed by a parent, guardian, or authorized representative.
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites, and we encourage you to review their privacy policies.
Depending on your state of residence, you may have additional rights regarding your personal information, such as the right to know, access, correct, or delete certain information. Note that information governed by HIPAA is generally exempt from these state privacy laws. To make a request, contact us using the information below.
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date above and post the current version on our website. Material changes affecting PHI will also be reflected in our Notice of Privacy Practices.
If you have questions about this Privacy Policy, wish to exercise your rights, or want to file a privacy complaint, please contact our Privacy Officer:
235 Singleton Ridge Road, Suite 105, Conway, SC 29526
support@meridiansurgicalsupplies.com
You also have the right to file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.
This document is a general template provided for informational purposes and does not constitute legal advice.