Privacy Policy

Last updated: March 11, 2026 | Effective date: March 11, 2026

Information We Collect
How We Use Your Information
Information Sharing & Disclosure
Data Storage & Security
GPS & Location Data
Email Communications & Monitoring
Cookies & Tracking
Data Retention
Your Rights
Children's Privacy
Changes to This Policy
Contact Us

Hospital Staffing Partners LLC ("HSP", "we", "us", or "our") is committed to protecting the privacy of healthcare providers, hospital clients, and other users of our website and provider platform (collectively, the "Platform"). This Privacy Policy describes the information we collect, how we use it, and the choices you have regarding your data.

1. Information We Collect

Information You Provide

Account information: name, email address, phone number, mailing address, professional title, and specialty when you register for an account.
Professional credentials: medical licenses, DEA certificates, board certifications, BLS/ACLS/PALS cards, immunization records, background check authorization, CV/resume, malpractice coverage documentation, and other credentialing documents required for healthcare facility placement.
Application data: education history, training programs, work experience, NPI number, and other information submitted through the provider onboarding application.
Tax information: W-9 form data including Social Security Number or Employer Identification Number, which is collected, encrypted, and stored securely for tax reporting purposes.
Timesheet data: hours worked, shift types, facility assignments, and expense reports for payroll processing.
Availability data: dates and shift preferences you submit through the availability calendar.
Profile information: headshot photograph, biography, and other profile details you choose to provide.
Electronic signatures: digital signature data when you execute confirmation letters or other documents.
Communications: messages sent through the in-app messaging system and any information you provide in support requests.

Information Collected Automatically

GPS location data: when you use the shift check-in feature, we collect your geographic coordinates to verify you are at the assigned facility (see Section 5).
Device and browser information: IP address, browser type, operating system, and user agent string, collected during login and form submissions for security auditing.
Usage data: pages visited, features used, and timestamps of activity within the platform for service improvement.

Information from Third Parties

NPI Registry: professional data from the National Plan and Provider Enumeration System (NPPES) when you use the NPI lookup feature.
Monday.com: provider status updates and communications history from our project management system.
Gmail: email communications between HSP staff and providers are ingested from monitored HSP mailboxes for the communications timeline feature (see Section 6).

2. How We Use Your Information

We use the information we collect to:

Match you with appropriate healthcare staffing opportunities at our client facilities.
Facilitate the credentialing and privileging process required by healthcare facilities.
Process timesheets and calculate compensation through our payroll partner, Paylocity.
Communicate with you about assignments, account activity, document requests, and credential expirations.
Send automated onboarding reminders and credential renewal notifications to help you stay compliant.
Verify shift attendance through GPS check-in at facility locations.
Generate confirmation letters, contracts, and other staffing documents.
Maintain an audit trail of important account actions for compliance purposes.
Detect, prevent, and respond to security incidents or unauthorized activity.
Improve and maintain the functionality and security of our Platform.

We share your information only in the following circumstances:

Recipient	What We Share	Purpose
Healthcare Facilities (Clients)	Professional credentials, licenses, certifications, work history, CV, headshot	Credentialing, privileging, and staffing decisions
Paylocity (Payroll Provider)	Name, tax information, timesheet data	Payroll processing and tax reporting
Background Check Providers	Name, date of birth, Social Security Number (with your authorization)	Pre-employment background screening
Insurance Providers	Professional credentials, coverage dates	Malpractice and liability coverage verification

We do not sell your personal information to third parties. We do not share your information for advertising or marketing purposes unrelated to your staffing engagement.

4. Data Storage & Security

We implement technical and organizational safeguards to protect your data:

Encryption at rest: sensitive data including email content, W-9 information, and Social Security Numbers are encrypted in our database.
PII detection and redaction: our email ingestion system automatically detects and redacts personally identifiable information including Social Security Numbers, financial account numbers, and dates of birth from ingested email communications.
Access controls: role-based access controls restrict who can view credential documents, communications, and sensitive provider data. Credential documents containing Social Security Numbers are never displayed in the app — a privacy placeholder is shown instead.
Signature security: electronic signatures are stored with IP address and user agent information for non-repudiation.
Audit logging: we maintain detailed audit logs of significant account actions including document access, credential downloads, and administrative changes.
Hosted infrastructure: our Platform is hosted on Laravel Cloud with TLS encryption for all data in transit.

5. GPS & Location Data

The GPS check-in feature is used solely to verify that providers are at their assigned facility at the start of a shift. Location data is collected only when you actively initiate a check-in — we do not track your location in the background or outside of the check-in process. Location data is stored as geographic coordinates associated with the specific check-in event.

You may decline to use the GPS check-in feature. Your facility or account manager can advise on alternative check-in methods if needed.

6. Email Communications & Monitoring

HSP monitors and ingests email communications from company-managed email accounts (e.g., accounts ending in @hospitalstaffingpartners.com) for the following purposes:

Maintaining a communications timeline for each provider so HSP staff can view the full history of correspondence.
Ensuring continuity of service when account managers or staff change.
Facilitating the Chrome browser extension that displays provider context alongside Gmail.

Automated PII redaction is applied to ingested emails to minimize exposure of sensitive personal data. HSP staff access to the communications timeline is governed by role-based permissions — only staff with a legitimate business need (assigned account managers, credentialers, or administrators) can view a given provider's email history.

We also send automated email campaigns including onboarding reminders, credential expiration notices, and service announcements. You may opt out of non-essential marketing communications by contacting us.

7. Cookies & Tracking

Our Platform uses essential cookies for session management and authentication. These cookies are necessary for the Platform to function and cannot be disabled. We may also use analytics tools (such as Google Analytics) to understand usage patterns. We do not use advertising cookies or trackers.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Specific retention periods include:

Account data: retained for the duration of the business relationship and for 7 years thereafter for tax and compliance purposes.
Credential documents: retained as long as required by healthcare facility credentialing standards and applicable regulations.
Timesheets and payroll data: retained for at least 7 years per IRS requirements.
Email communications: older email data is periodically purged; recent communications are retained for operational continuity.
GPS check-in data: retained for the duration of the staffing assignment and a reasonable period thereafter.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal information we hold about you.
Correct inaccurate or incomplete information.
Delete your personal information, subject to legal retention requirements.
Export a copy of your data in a structured format.
Object to certain uses of your data.

To exercise any of these rights, please contact us at support@hospitalstaffingpartners.com or call 813-434-0480. We will respond to your request within 30 days.

10. Children's Privacy

Our Platform is designed for use by healthcare professionals and is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Platform or via email. The "Last updated" date at the top of this page indicates when changes were most recently made.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Hospital Staffing Partners LLC
Tampa, Florida
Phone: 813-434-0480
Email: support@hospitalstaffingpartners.com