Nexus Dynamix OPC
More
Nexus Dynamix OPC

Your Partner in Reliable Medical Front & Back Office Outsourcing

Your Partner in Reliable Medical Front & Back Office OutsourcingYour Partner in Reliable Medical Front & Back Office OutsourcingYour Partner in Reliable Medical Front & Back Office Outsourcing

Clear communication. Operational efficiency. Flexible, scalable teams.

SCHEDULE A CONSULTATION
START A PILOT PROJECT

About US

Who We Are

Nexus Dynamix is a Philippine-based BPO dedicated to supporting local and international medical practices with high-quality front and back office solutions. Our trained teams integrate seamlessly with your clinic’s systems to deliver accuracy, speed, and quality—while maintaining strict confidentiality.

How We Work (Systems & Tools)

We work inside your technology or provide our secure subscriptions—whatever best fits your operations:


  • Client-Provided Systems: EMR/EHR, phone, email, secure texting, fax/eFax, portals.


  • Nexus-Provided Subscriptions: HIPAA-aligned phone, SMS, eFax, and workflow tools      (when clients prefer or lack systems).


  • Hybrid Approaches: A mix of client and Nexus platforms.


All arrangements are documented in the service agreement.

Our Vision (Planned)

We are exploring a proprietary EMR platform—a future, optional solution for clinics without existing systems, to unify documentation, storage, scheduling, and billing.

Change Without Disruption

We partner on pilot projects to help clinics manage operational change (new regulations, technologies, demand spikes). By offloading transitional workflows, we protect patient experience while improving efficiency and reducing cost.

Our Values

At Nexus Dynamix, we believe in integrity, excellence, and collaboration. We are dedicated to building strong relationships with our clients and delivering exceptional service that exceeds their expectations.

services WE provide

Medical Billing & Collections

Referral Processing & Authorization

Referral Processing & Authorization

  • Claim preparation and submission
  • Payment posting & reconcillation
  • Denial management & appeals
  • Collection follow-up

Referral Processing & Authorization

Referral Processing & Authorization

Referral Processing & Authorization

  • Coordination with insurance providers
  • Pre-authorization and follow-ups
  • Durable Medical Equipment (DME) approvals

Patient Support Services

Referral Processing & Authorization

Eligibility & Benefits Verification

  • Appointment scheduling & patient recalls
  • Patient reminders (calls, emails, SMS)
  • Customer service (inbound & outbound)
  • Billing inquiries & patient statements

Eligibility & Benefits Verification

Eligibility & Benefits Verification

Eligibility & Benefits Verification

  • Real-time insurance eligibility checks
  • Coverage confirmation for services and procedures

Data Entry & Records Management

Eligibility & Benefits Verification

Data Entry & Records Management

  • Electronic Health Record (EHR) updates
  • Template formatting for SOAP notes
  • Medical records request management (ROI)
  • Secure document storage and retrieval
  • eFax sending/receiving via approved systems

Future Expansion (Planned)

Eligibility & Benefits Verification

Data Entry & Records Management

  • Proprietary EMR platform for clinics without existing systems
  • Secure, compliance-aligned storage of patient information
  • Integrated tools supporting scheduling, billing, and documentation

PILOT PROJECTS

Supporting Clinics Through Change

Healthcare evolves constantly—new rules, tech, and patient needs can strain operations. Our Pilot Project Partnerships let you test outsourcing with measurable outcomes.

  

What You Get

  • Offload Transitional Workflows to keep your team focused on care
  • Test Without Full Commitment before scaling
  • Immediate Cost Savings through trained, right-sized teams
  • Structured Change Management across regulatory/operational shifts
  • Protected Patient Experience during transitions


Think of pilots as a safety net: we stabilize operations, lower costs, and protect care as you adapt and grow.

why choose us

Tailored for Healthcare

International Time-Zone Alignment

International Time-Zone Alignment

We exclusively serve medical clinics—our processes match your operational and compliance needs. 

International Time-Zone Alignment

International Time-Zone Alignment

International Time-Zone Alignment

We work on your schedule across time zones for real-time updates.

Scalable & Flexible

International Time-Zone Alignment

Cost Savings Without Compromise

From short projects to long-term partnerships, without disrupting your workflow.

Cost Savings Without Compromise

Cost Savings Without Compromise

Cost Savings Without Compromise

Exceptional results at a fraction of in-house cost.

Seamless Integration

Cost Savings Without Compromise

Seamless Integration

Rapid onboarding into your EMR and communication tools.

Global & Local Reach

Cost Savings Without Compromise

Seamless Integration

Reliable support in the Philippines, the U.S., and abroad.

Direct Partner or Subcontractor

Direct Partner or Subcontractor

Direct Partner or Subcontractor

Trusted to work directly with clinics or under prime vendors, with the same safeguards in both models.

Forward-Looking Vision

Direct Partner or Subcontractor

Direct Partner or Subcontractor

 Exploring EMR development to evolve with your needs. 

COMPLIANCE & SECURITY

Your Data Is Safe With Us

We design every process with compliance and security at the core—whether working directly for your clinic or as a subcontractor to your vendor.


  • HIPAA-Aligned Processes and continuous staff training
  • Secured Servers with encryption (in transit/at rest where applicable)
  • Dual Internet Connections for uninterrupted service
  • Restricted Access by role (least-privilege)
  • Audit Trails for monitoring and accountability
  • Confidentiality Agreements and background-checked staff
  • Policy-Driven Operations with routine audits and QA checks

LET'S TALK

Do Not Delay!

Book a 30-Minute Discovery Call

Contact Us

Drop us an E-mail

Attach Files
Attachments (0)

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get Your Questions Answered

Discover how Nexus Dynamix can transform your clinic operations today—local or international—and prepare you for tomorrow.

Email: csr@nexusdynamix.org Phone: 09811931057 Address: 5625 Don Pedro St. corner Gabaldon St. Poblacion, Makati City, Metro Manila

Hours

Open today

08:00 am – 05:00 pm

Frequently Asked Questions

Please reach us at csr@nexusdynamix.org if you cannot find an answer to your question.

Nexus Dynamix is designed to be flexible to your needs. In many cases, we complement your existing team by taking on administrative tasks so your in-house staff can focus more on patient care. However, if your clinic’s goal is to fully outsource certain functions, we can also provide end-to-end support to replace those roles. The decision is always yours—we adapt to whether you want us to enhance your team or serve as a complete solution.

Yes—our pilot projects are designed for short engagements that scale after results are validated.

 Yes. We integrate with your existing EMR and workflows. We’re also exploring a proprietary EMR as a future, optional solution. 

We use client-provided systems or Nexus-provided, HIPAA-aligned subscriptions (phone, SMS, eFax, workflow tools), or a hybrid—documented in the agreement.

Yes. We handle medical record retrieval (ROI) under client authorization via approved secure channels (eFax/portal).

We support clinics locally and internationally and align with your time zone for real-time communication.

Subscribe

Privacy, security & operations Policy and procedure

  

  • Section: Document Control
    Owner: Privacy & Security Officers
    Effective Date: 09/17/2025
    Review Cycle: Annual or upon material change
    Applies To: All Nexus Dynamix employees, contractors, and approved subcontractors
    Supersedes: Prior privacy/security/operations SOPs
    Disclaimer: This document is operational guidance, not legal advice. Where a Business Associate Agreement (BAA) or client contract exists, those terms control in case of conflict.

  

1) Purpose

To establish standardized policies and procedures for protecting information, executing client services, and ensuring regulatory compliance when Nexus Dynamix provides administrative outsourcing to medical clinics locally and internationally—whether acting directly for a covered entity (Business Associate role) or as a third‑party subcontractor to another vendor.

  

2) Scope

This P&P covers:

  • All information processed by Nexus Dynamix, including protected health  information (PHI), personally identifiable information (PII), financial data, and business records.
  • All work performed on client-provided systems and Nexus-provided/subscription systems, including phone, email, SMS, eFax, EMR/EHR, document management, and workflow platforms.
  • Core services: Scheduling, eligibility/benefits verification, prior authorizations (incl. DME), referrals, patient support, billing & collections, denial management & appeals, data entry & records management, document requests/retrievals (ROI), and pilot projects.

  

3) Definitions (selected)

  • PHI: Individually identifiable health information as defined by HIPAA.
  • PII:  Personally identifiable information (e.g., name, email, ID numbers).
  • BA: Business Associate—Nexus Dynamix acting directly for a covered entity      under a BAA.
  • Subcontractor: Nexus Dynamix acting under a vendor engaged by a covered entity (flow‑down obligations).
  • Minimum Necessary: Only the least information needed to accomplish the task.
  • Systems:  Any communication or data platform used (client or Nexus subscriptions)      including phone, SMS, email, eFax, EMR/EHR, cloud storage, ticketing, and      workflow tools.
  • ROI:  Release of Information; retrieval/fulfillment of medical records under      client authorization.

  

4) Governance, Roles & Responsibilities

  • Executive Sponsor: Ensures resources and alignment with strategic goals.
  • Privacy  Officer (PO): Oversees privacy program, BAAs, access governance, ROI      oversight, incident intake & reporting.
  • Security  Officer (SO): Oversees security controls (administrative, technical,      physical), risk assessments, vendor due diligence, DR/BCP.
  • Operations Director: Owns service delivery SOPs, quality, training, KPIs, and      change management.
  • Team Leads / Supervisors: Day-to-day task assignment, checklist compliance,      coaching, first‑level QA.
  • All Workforce Members: Complete training, follow SOPs, report incidents within 24 hours, and uphold Minimum Necessary.

  

5) Regulatory & Contractual Framework

  • HIPAA/HITECH      (when handling PHI for U.S. clients), applicable state privacy laws, GDPR      (where applicable), Data Privacy Act of the Philippines, and other      regional laws where services are delivered.
  • Client contracts, Statements of Work (SOW), BAAs, and flow‑down subcontractor agreements.
  • In case of conflict, client contract/BAA prevails for that client’s data.

  

6) Policy Statements

6.1 Confidentiality & Minimum Necessary

  • Access, use, and disclosure of information must be limited to the minimum necessary to perform assigned duties.
  • Confidentiality agreements are signed by all workforce members prior to access.

6.2 Systems & Communication Tools (Client vs. Nexus)

  • Nexus Dynamix may use client-provided systems, Nexus-provided/subscription      systems, or a hybrid.
  • The system(s) to be used shall be documented in the SOW/contract/BAA, including ownership, security responsibilities, audit access, and data location.

6.3 eFaxing

  • Only approved fax/eFax platforms may be used (client’s system or Nexus’s HIPAA-aligned subscription).
  • Standard cover sheet with confidentiality notice is mandatory.
  • Fax numbers must be verified before transmission; confirmations retained per      retention schedule.
  • Mis‑fax events are incidents and must be reported (see Section 10 Incident Response).

6.4 Medical Record Retrieval (ROI)

  • Records are requested only under documented client authorization and for      legitimate operational purposes (e.g., referrals, billing, audits).
  • Requests follow the ROI SOP (Section 8.6) including identity verification of the      recipient entity, secure transmission method, and logging.
  • Received records are stored only in the designated system and routed per the SOW;      unnecessary copies are purged per retention policy.

6.5 Patient Communications (Phone, SMS, Email)

  • Communications occur via approved systems only.
  • SMS/email messaging follows client policy for consent and content limitations (no      sensitive clinical details in plain text).
  • Scripts/templates are used for consistency and privacy.

6.6 Remote Work & Device Security

  • Managed devices with full-disk encryption, strong authentication, auto‑lock, and      up‑to‑date patches are required.
  • VPN for remote access where applicable; no local storage of PHI unless explicitly authorized and encrypted.
  • Clean desk policy; no printouts unless approved and tracked.

6.7 Access Management

  • Access provisioning is role‑based with supervisor & PO/SO approval.
  • Access reviews occur quarterly; access is removed within 24 hours of role change      or separation.
  • Shared credentials are prohibited.

6.8 Logging, Monitoring & Audit

  • System activity is logged where technically feasible.
  • Random audits validate Minimum Necessary, correct system use, and documentation standards.
  • Findings are tracked to remediation.

6.9 Vendors & Sub-processors

  • Vendors undergo risk assessment, security questionnaire, and contractual      safeguards (BAA/subcontractor terms as needed).
  • Vendor performance and compliance are reviewed at least annually.

6.10 International Operations & Time Zones

  • Services may be delivered across borders; appropriate transfer mechanisms and      contractual clauses are applied.
  • Schedules align with client time zones to enable real-time updates and smooth handoffs.

6.11 Business Continuity & Disaster Recovery (BCP/DR)

  • Dual internet, redundant communications where feasible, frequent backups (for      Nexus‑hosted systems), and tested recovery procedures.
  • Priority restoration order: communications → active work queues → archived datasets.

6.12 Training & Awareness

  • New hire training before access; annual refresher; role‑specific SOP coaching;  spot drills (e.g., mis‑fax response).
  • Training completion is tracked.

6.13 Workforce Sanctions

  • Violations of this P&P may result in corrective action up to and including termination and, if applicable, notification to authorities.

6.14 Data Retention & Disposal

  • Retention follows client direction/contract and applicable law.
  • Approved disposal methods: secure deletion for electronic records; cross‑cut      shredding for paper; Certificates of Destruction retained.

6.15 Data Subject & Patient Requests

  • Requests      received directly by Nexus Dynamix are routed to the client (or primary      vendor) within 2 business days, unless otherwise agreed in writing.

6.16 Incident & Breach Response

  • Suspected incidents must be reported to the Privacy Officer within 24 hours using the Incident Report Form.
  • Investigations follow the Incident Response SOP; client notification timelines follow      contract/BAA and law.

6.17 Change Management

  • Operational, system, or process changes require a Change Request with impact      assessment, approvals, testing, comms plan, and rollback steps.
  • Pilot Projects (Section 7.18) may serve as controlled change vehicles.

6.18 Pilot Projects

  • Short‑term engagements to test outsourcing, offload transitional workflows, and      achieve cost savings while protecting patient experience.
  • Defined start/end, metrics, and go/no‑go criteria.

6.19 Acting as a Subcontractor

  • When Nexus Dynamix performs services as a subcontractor to another vendor or      Business Associate, all privacy, security, and operational obligations flow down from the primary contract.
  • A Subcontractor Business Associate Agreement (Sub-BAA) or equivalent      confidentiality/security agreement shall be executed if required.
  • Nexus Dynamix applies the same privacy, security, and operational safeguards as if acting directly for a covered entity.
  • Reporting & Escalations:
    • Suspected incidents or breaches must be reported to the primary vendor/BA within       the contractual timeframe (typically within 24 hours of discovery).
    • Patient or data subject requests received by Nexus Dynamix are redirected to the primary BA or covered entity; Nexus Dynamix will provide reasonable assistance.
  • Audit & Oversight: Nexus Dynamix will cooperate with audits, monitoring,      and compliance checks initiated by the prime vendor or the covered entity.
  • Records & Retention: All records related to subcontracted services are retained and disposed of per contract terms and this P&P.

  

7) Core Service SOPs (Step‑by‑Step)

Each SOP below includes: Purpose → Inputs → Systems → Roles → Procedure → Quality Checks → Documentation → KPIs.

7.1 Access Provisioning & De‑Provisioning

Purpose: Ensure only authorized personnel access systems/data.
Inputs: HR hire/termination notice; role description; system list.
Systems: IAM or access tracker; ticketing; email.
Roles: Supervisor, PO/SO, IT admin.
Procedure:

  1. Supervisor submits Access Request Form (ARF) specifying role & systems.
  2. PO/SO reviews Minimum Necessary & approves/denies.
  3. IT provisions accounts; MFA enabled; least‑privilege roles.
  4. User completes training; signs confidentiality.
  5. Quarterly access review; remove stale permissions.
  6. Upon separation, disable accounts within 24 hours; document in Access Log.
    Quality Checks: MFA present; least privilege validated.
    Docs: ARF, Access Log.
    KPIs: 100% provisioning with approvals; 100% terminations within 24h.

7.2 Scheduling & Patient Support (Phone/SMS/Email)

Inputs: Clinic schedule rules, approved scripts, consent policy.
Systems: Client or Nexus phone, SMS, email, ticketing/CRM.
Procedure:

  1. Confirm identity using client‑approved verification steps.
  2. Use approved script; no sensitive data in SMS/email.
  3. Log call/outreach in designated system (time, outcome, next action).
  4. For escalations (complaints/urgent clinical items), follow client escalation tree.
    Quality: Call scorecards; 2% random QA review weekly.
    KPIs: Answer rate, abandonment, AHT, first‑contact resolution, no‑show reduction.

7.3 Eligibility & Benefits Verification

Inputs: Patient demographics, payer info, service date/CPTs/ICD, provider NPI.
Systems: Payer portal/clearinghouse; EMR; tracker.
Procedure:

  1. Verify eligibility and benefits (deductible, copay/coinsurance, plan limits).
  2. Document findings and coverage confirmations.
  3. Flag pre‑auth needs; hand off to Prior Auth SOP.
    Quality: Spot‑check 10 verifications per week/Team.
    KPIs: % verified ≥ 48–72h pre‑visit; accuracy rate.

7.4 Prior Authorizations (including DME)

Inputs: Provider order, clinical criteria, payer policy, documentation.
Systems: Payer portal, EMR, auth tracker.
Procedure:

  1. Submit pre‑auth with required documentation and codes.
  2. Track status; follow up per payer timelines (e.g., 48–72h; urgent 24–48h).
  3. Communicate approval/denial to clinic; document next steps.
  4. For denials, prepare appeal package per payer guidelines.
    Quality: Audit 5% of submissions weekly.
    KPIs: Approval rate, average turnaround, appeal win rate.

7.5 Referrals Coordination

Inputs: Provider referral order, patient preference, network rules.
Procedure:

  1. Verify network and referral requirements.
  2. Coordinate with receiving provider; secure records via approved channels (eFax/portal).
  3. Confirm appointment; update EMR; send patient instructions if authorized.
    KPIs: Time to schedule; referral completion rate.

7.6 Medical Record Retrieval (ROI)

Inputs: Client authorization, recipient details, scope/date range.
Systems: eFax/portal, EMR, ROI tracker.
Procedure:

  1. Validate authorization and legal basis.
  2. Identify holder (provider, hospital, insurer, clearinghouse).
  3. Submit request via approved secure channel with cover sheet and minimal data.
  4. Log request; set follow‑up cadence.
  5. On receipt: verify patient/record match; store only in designated system; notify client; purge temporary copies.
  6. If record is incomplete, request correction/addendum.
    Quality: 100% logging; monthly audit of 10 ROI cases.
    KPIs: Avg. days to retrieval; % complete on first pass.

7.7 eFaxing (Send/Receive)

Inputs: Recipient verified fax, cover sheet, documents (minimum necessary).
Systems: Client or Nexus eFax.
Procedure:

  1. Confirm recipient number with a callback or directory.
  2. Use approved cover sheet (confidentiality notice, sender, callback).
  3. Send; capture confirmation page; attach to case.
  4. On mis‑fax: stop, notify PO, request recipient to destroy, document incident.
    Quality: Quarterly test fax to confirm configuration.
    KPIs: Mis‑fax rate = 0; confirmation capture rate 100%.

7.8 Data Entry & Records Management (incl. SOAP Templating)

Inputs: Source documents, provider instructions, template standards.
Systems: EMR/EHR, DMS.
Procedure:

  1. Enter/update data per template; use controlled vocabulary where required.
  2. Flag discrepancies to provider; do not interpret clinical judgment.
  3. Index and store documents; ensure retrievability.
    Quality: Peer review 5 records/user/week.
    KPIs: Error rate <1%; turnaround time targets by client.

7.9 Billing & Collections

Inputs: Superbills/encounters, codes, payer rules, remittances.
Systems: Billing system/EMR, clearinghouse.
Procedure:

  1. Scrub and submit claims (correct coding, modifiers, attachments).
  2. Post payments & reconcile; work denials; queue appeals.
  3. Collections follow‑up per client policy (tone, cadence, channels).
    Quality: Weekly denial trend analysis; monthly cash variance review.
    KPIs: Clean claim rate, DSO, denial %, recovery rate.

7.10 Appeals & Denial Management

Procedure:

  1. Categorize denial; confirm documentation.
  2. Draft appeal with citations; submit within payer timelines.
  3. Track outcomes; escalate patterns to client.
    KPIs: Appeal success rate; days to resolution; top 5 denial causes.

7.11 Document Requests & Secure Storage

Inputs: Incoming/outgoing records, requests, subpoenas (route to client).
Procedure:

  1. Verify requestor authority; consult client on legal requests.
  2. Use approved channels (portal/eFax); index and retain per client policy.
  3. Apply retention schedule; document destruction with certificate.

  

8) Quality Assurance (QA), Metrics & Reporting

  • QA Program: Scheduled audits (transactional and process), scorecards, corrective action plans (CAPA).
  • Core KPIs:
    • Scheduling: answer rate, no‑show reduction.
    • Eligibility/Auth: % verified pre‑visit, auth turnaround, approval rate.
    • ROI/eFax: average retrieval days, confirmation capture rate.
    • Billing/RCM: clean claim rate, DSO, denial %, appeal win %, recovery %.
  • Reporting Cadence: Weekly ops dashboards; monthly executive summary; quarterly      strategic review.

  

9) Vendor & Subprocessor Management

  • Onboarding: Security questionnaire, BAA/subcontractor terms, data flow mapping, PoC testing.
  • Monitoring: Annual review, incident notice obligations, performance SLAs.
  • Offboarding: Data return/secure deletion, access revocation, attestations.

  

10) Incident Response (IR) SOP

Trigger Examples: Mis‑fax, misdirected email/SMS, lost device, suspicious access.
Timeline: Report within 24h to PO; preliminary assessment within 48h.
Steps: Identify → Contain → Eradicate → Recover → Notify (per BAA/contract/law) → Post‑mortem & CAPA.
Artifacts: Incident Report, timeline, impact scope, evidence, CAPA, client communications log.

  

11) Training & Competency

  • Before access: Privacy/security fundamentals, job‑specific SOPs, systems training.
  • Annual: Refresher plus updates for new threats/processes.
  • Validation: Quizzes, call scoring, record review; retraining as needed.

  

12) Business Continuity & Disaster Recovery (BCP/DR)

  • Continuity: Dual internet, backup communications, queue re‑routing, documented RTO/RPO      for Nexus‑hosted tools.
  • Testing:     Annual tabletop and selected technical failover tests; gaps tracked to      closure.

  

13) Change Management SOP (incl. Pilot Projects)

When used: New client, new system, major workflow update, staffing change, regulation update.
Steps:

  1. Initiation: Change Request Form with rationale, risks, metrics.
  2. Impact Review: PO/SO/Operations sign‑off.
  3. Pilot (optional): Define scope, timeline, KPIs, success criteria, comms plan.
  4. Training & UAT: Scripts, checklists, go‑live rehearsal.
  5. Go‑Live:  Hypercare period; daily huddles; track KPIs.
  6. Close/Scale: Lessons learned; SOP & documentation updated.

  

14) Records, Retention & Destruction Schedule (Summary)

  • Operational work product: Per client instruction/contract.
  • Access logs, training records, audits: Minimum 6 years (or longer by law/contract).
  • Incident reports: Minimum 6 years.
  • Certificates of Destruction: Minimum 6 years.

  

15) Appendices (Templates & Tools)

  • A. Access Request Form (ARF)
  • B. Incident Report Form (with 24h reporting reminder)
  • C. eFax Cover Sheet (confidentiality notice + callback)
  • D. ROI Checklist (authorization, identity verification, secure channel, logging)
  • E. Prior Auth Tracker Fields (member ID, DX/CPT, notes, due dates)
  • F. Call/SMS/Email Scripts (identity verification; consent; privacy lines)
  • G. Destruction Certificate Template
  • H. Vendor Security Questionnaire (summary)
  • I. KPI Dashboard Definitions
  • J. Change Request Form (impact analysis, rollback plan)

  

16) Approval & Revision History

  • Version 1.0 — 09/17/2025: Initial consolidated Privacy, Security & Operations P&P.

NexusDynamix OPC

5625 Don Pedro st. corner gabaldon st. poblacion, makati city, metro manila

09811931057

Copyright © 2026 NexusDynamix OPC - All Rights Reserved.

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept