Privacy Policy – 247 Healthcare

247 Healthcare Privacy Policy

Effective Date January 2025 (last updated April 29, 2025)

Mobile Opt In, SMS Consent, and Phone Numbers collected for SMS communication purposes will not be shared with third parties and affiliates for marketing purposes

About This Policy

This Privacy Policy applies to 247 Healthcare Staffing, its subsidiaries, affiliates, and applications and platforms that link to this Policy (collectively, “247 Healthcare,” “we,” “us,” or “our” except where specifically indicated below). We operate exclusively within the United States.

Allied Solutions, including, 247 Healthcare Allied, and 247 Allied Services
247 Healthcare Language Services, 247 Interpreter Reservation
247 Healthcare Workforce Solutions dba 247 Healthcare Revenue Cycle Solutions
247 Healthcare Workforce Strategy Optimization
Nursing Solutions (including 247 Services, 247 Staffing Services, Nursefinders, 247 Healthcare Labor Disruption, O’Grady Peyton International, Connetics USA)
B4Health
Medefis
Passport
Healthcare Provider Solutions (including 247 Healthcare Physician Permanent Placement, 247 Healthcare Interim Solutions, 247 Healthcare Locums Tenens, MSI, Drswanted [collectively MSDR], 247 Leadership Solutions [dba BE Smith])
ShiftWise
Televate
WorkWise

247 Healthcare is committed to ensuring the privacy and security of the information you share with us. This privacy policy explains our privacy practices, including what information we collect, how we use it, disclosure practices, and what rights you have concerning your information. This policy applies to information we collect when you engage with us online – e.g., through a website or app – or offline (e.g., paper forms, phone calls), unless we are processing that information solely as part of services we provide to others (e.g., a client hospital), in which case that entity’s privacy policy may apply.

Overview

We encourage you to read this policy in its entirety. However, we have summarized the key points below.

What Information We Collect: We collect various categories of personal information, including Identifiers, Customer/Employee Records, Protected Characteristics, Internet or other Electronic Network Activity Information, Geolocation Data, Audio and Visual Information, Professional or Employment-Related Information, and Inferences drawn from this data. We also collect certain Sensitive Personal Information as detailed below.
How We Use Your Information: We use your information primarily to provide our staffing services, manage our workforce, communicate with you (including obtaining consent for certain communications per TCPA), improve our services, conduct marketing (with appropriate consent), ensure security, and comply with legal obligations (including HIPAA where applicable).
How We Collect Information: We collect information directly from you, automatically from your devices when you interact with our online services, and from third-party sources like clients, background check providers, public databases, and technology partners.
How Long We Keep Your Information: We retain personal information based on our record retention policies, operational needs, and legal requirements.
When We Disclose Your Information: We may disclose information within the 247 Healthcare group, to service providers acting on our behalf (with contractual safeguards), to our clients (healthcare facilities) for placement purposes, and as required by law or in connection with corporate transactions.
When We Sell or Share Your Information: We do not sell your personal information for monetary value. We may allow trusted advertising partners to collect certain online activity data via cookies for targeted advertising. This may be considered "selling" or "sharing" under certain state laws (e.g., California). You have the right to opt-out.
Your Privacy Rights: Depending on your state of residence, you may have rights to access, correct, delete, or restrict the processing of your personal information, as well as opt-out of certain data uses like selling/sharing or targeted advertising. We provide mechanisms to exercise these rights.
How We Protect Your Information: We implement reasonable administrative, technical, and physical safeguards, including staff training, designed to protect your personal information.
We Store Information in the United States: All processing occurs within the United States. Privacy protections may differ from those in other countries.
You Can Contact Us: We provide contact information for privacy-related inquiries.
We May Update This Policy: We may revise this policy and will indicate the date of the latest revision.

We have collected the following categories of personal information from individuals within the last 12 months:

Identifiers: This includes information such as your name, alias, postal address, telephone number(s) (including mobile), Internet Protocol (IP) address, email address, account name/username, Social Security number (SSN), driver’s license number, passport number, date of birth, and employee ID. Purpose: To identify and communicate with you, process applications, manage employment, provide services, verify identity, comply with legal requirements.
Customer/Employee Records (Categories listed in Cal. Civ. Code § 1798.80(e)): This includes identifying information such as your name, signature, SSN, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. For example, we collect payment account information from clients. Purpose: Employment processing, payroll, benefits administration, client billing, background checks, credentialing, verifying qualifications, complying with legal and contractual obligations.
Protected Characteristics (under California or Federal Law): This includes information such as your age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information), preferred pronouns. Purpose: Equal opportunity employment reporting, diversity initiatives, benefits administration, providing legally required accommodations, ensuring non-discrimination. Collection is often voluntary and used in aggregate/anonymized form where possible.
Internet or Other Electronic Network Activity Information: This includes information such as your browsing history, search history, information on your interaction with our websites, applications, or advertisements (e.g., clicks, time spent on pages), browser name, domain type, operating system information, IP addresses, access times, and device identifiers. Purpose: Website/application functionality, improving user experience, security monitoring, analytics, targeted advertising (where applicable and consent obtained).
Geolocation Data: This includes information on your location derived from IP address or mobile device settings (we will request permission for precise geolocation). Purpose: Providing location-specific job opportunities, website analytics, security.
Audio and Visual Information (Sensory Data): This includes information such as voice recordings (e.g., recorded calls for quality assurance/training, with notice/consent where required), electronic, visual information (e.g., video interviews, security camera footage at physical locations). Purpose: Quality assurance, training, security, facilitating remote interviews, fulfilling service requests (e.g., language interpretation).
Professional or Employment-Related Information: This includes information such as your current or past job history, performance evaluations, education records, professional licenses, certifications, credentials, background check results, drug screening results, sanctions history, work authorization status (e.g., visa information), work restrictions or accommodations, references, emergency contact information, or beneficiary information. Purpose: Evaluating candidacy for employment or placement, verifying qualifications, managing employment relationship, client requirements, legal compliance.
Inferences: We draw inferences from the above information to create a profile reflecting preferences, characteristics, predispositions, behavior, abilities, and aptitudes (e.g., suitability for certain roles). Purpose: Improving the quality and relevance of job matching and placement services.
Sensitive Personal Information: In the last 12 months, we also have collected the following types of sensitive personal information: citizenship or citizenship status; health information (e.g., for accommodations, benefits, compliance); immigration status; passport, Social Security, driver’s license, and state identification numbers; account log-in credentials; financial details (including bank account and credit card details); racial and ethnic origin; religious or philosophical beliefs; union membership; sex life and sexual orientation; and precise geolocation (with consent). Purpose: As required for employment verification (I-9), background checks, payroll, benefits administration, providing legally required accommodations, equal opportunity monitoring (often voluntary), security access, and specific client requirements. We only use sensitive personal information for purposes permitted by law (e.g., CCPA Regulation 7027(m)) and do not use it to infer characteristics about you for other purposes.

Our sites and apps are meant for adults. We do not knowingly collect personal information from children under 13 years old without permission from a parent or legal guardian. If you think your child under 13 has given us information, you can contact us using the email or phone number below. If you email us, please enter in the subject line: “COPPA Information Request.” Parents, you can learn more about how to protect children’s privacy online here.

How We Use Your Information

We may use your information for the following business and commercial purposes:

To communicate with you: We may use information to respond to your questions, to communicate about this policy or our terms, or to communicate with you regarding job opportunities, placements, and other service-related matters (See Section: Communications and Consent (TCPA Compliance)).
To perform our services: We may use information to send job listings, contact you about a placement opportunity, or identify new candidates or clients. To facilitate these services, sometimes we use inferences we make, profiling and other automated decision-making solutions (discussed more fully below). We may also use these technologies to improve the quality of opportunities that we provide to you, or to improve the services that we offer to both you and our clients.
For employment purposes: We may use your information for recruitment, hiring, and onboarding, to staff open positions at our company or with clients, to provide payroll and administer benefits, for travel arrangements and performance management, for record-keeping, for safety purposes, to meet legal and compliance obligations, or for other internal purposes.
For marketing (with consent where required): We may use contact, demographic and site usage information to communicate with you about our services and to provide you information about us. We also use this information to provide you information—such as surveys, briefings, and newsletters—about us or other companies in which we believe you may be interested. Note: We do not use information collected solely in the context of your employment for unrelated marketing purposes without your explicit consent. You can opt-out of marketing communications at any time.
To improve our services: We may use your information to make our website and services better, conduct internal research and analysis, and keep our records updated.
To protect our company and constituents (Security and Fraud Prevention): We may also use your information to identify fraud, detect and prevent security incidents, protect against malicious, deceptive, or illegal activity, secure our systems, debug and repair errors, or for other purposes as permitted by law, including to prosecute or defend legal claims.
For Legal and Compliance: Complying with applicable laws, regulations, court orders, and government requests (e.g., EEO reporting, tax laws, labor laws, HIPAA where applicable); establishing, exercising, or defending legal claims; fulfilling contractual obligations; conducting audits; providing required training to our workforce regarding privacy, security, and compliance obligations.
HIPAA Compliance (Where Applicable): When acting as a Business Associate to a HIPAA Covered Entity (e.g., a hospital client), we use and disclose Protected Health Information (PHI) only as permitted by the Business Associate Agreement (BAA) and HIPAA regulations. This includes using PHI to perform staffing functions on behalf of the Covered Entity and implementing required safeguards.
For other purposes, such as: Auditing related to interactions; short-term, transient use; performing services on behalf of other entities; undertaking internal research for technological development and demonstration; undertaking activities to improve, upgrade, enhance, or verify or maintain the quality or safety of our services or equipment.

We do not use your sensitive information, as defined under the California Consumer Privacy Act (“CCPA”), for any purposes other than those specified in CCPA Regulation 7027(m).

Automated Decision-Making

Automated decision-making takes place when an electronic system uses personal data to make decisions relevant to you. We use automated decision-making, including profiling and drawing inferences, to help perform job placements for you or to present you with placement opportunities that we think would be a good fit for you and your skillset. These automated tools help us process large volumes of information efficiently and improve the relevance of opportunities presented. However, final placement decisions typically involve human review and judgment. We strive to ensure these systems are fair and unbiased. We will not make decisions that produce legal or similarly significant effects concerning you based solely on automated processing, unless necessary for entering into or performing a contract, authorized by law, or based on your explicit consent.

Communications and Consent (TCPA Compliance)

We may contact you via telephone, including text/SMS messages, for various purposes related to our services and your relationship with us.

Informational Communications: We may contact you with informational messages regarding your application, potential job opportunities, assignments, onboarding, scheduling, and other service-related matters. By providing your phone number(s) in the context of seeking employment or staffing services (e.g., via an application, profile creation, or direct communication), you provide your express consent to receive informational calls and text messages related to these purposes, potentially including those made using automated technology, at the number(s) provided.
Marketing Communications: We will obtain your separate, prior express written consent before sending you telemarketing or promotional calls or text messages using an automatic telephone dialing system or prerecorded voice. Written consent can be obtained via website forms, text message keywords, or other documented methods clearly indicating your agreement to receive such messages.
Opt-Out: You can opt-out of receiving text messages at any time by replying "STOP" to any message you receive from us. You can opt-out of marketing calls by informing the caller or contacting us as described in the "Contact Us" section below. Opting out of marketing communications will not affect informational communications related to your application or employment.
Frequency: Message frequency may vary.
Rates: Message and data rates may apply depending on your mobile carrier plan.

We maintain records of consent and opt-out requests as required by the TCPA.

How We Collect Your Information

We collect information from the following sources:

You: We collect contact, demographic, employment, and payment information directly from you, including through our websites, applications, and online or paper forms.
Your devices: We collect site usage, device, and location information passively using tools like browser cookies, pixels, and logs when you use our websites or applications. We may have third parties collect personal information this way on our behalf. We may also use tracking tools to pull contact and demographic information from online sources. To learn how to manage cookies and other tracking tools, please review our Ad and Cookie Policy [Insert Link to Cookie Policy Here, if applicable]. That policy also explains our approach to Do Not Track signals and Global Privacy Control (GPC).
Other Companies: We collect contact and employment information from others, such as our clients (healthcare facilities), background check and credential verification services, references you provide, publicly available sources (e.g., licensing boards, professional networking sites), social media platforms (if you interact with our pages), technology and staffing partners, and analytics firms.

How Long We Keep Your Information

In general, we keep your information for as long as is necessary to fulfill the purposes for which it was collected, as described in this Policy, and for legitimate business purposes, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

The duration of our relationship with you (e.g., applicant, employee, client contact).
Our legal and regulatory obligations (e.g., employment laws, tax laws, HIPAA record retention requirements, statutes of limitation).
Our contractual obligations.
The need to resolve disputes or establish/defend legal claims.
Our business needs and record-keeping policies.

When personal information is no longer needed for these purposes, we will securely delete or anonymize it.

When We Disclose Your Information

In the last 12 months, we disclosed personal information for business purposes in the following ways:

Within the 247 family of companies: We disclose information to our affiliates and related entities for operational, administrative, and service provision purposes consistent with this Policy.
With companies who perform services on our behalf (Service Providers/Contractors): We disclose information to vendors and consultants who assist us, including benefits and payroll providers, background check services, IT hosting and support, payment-processing providers, communication platform providers (e.g., email, SMS services like RingCentral), analytics providers, legal and accounting services, and travel arrangement providers. We disclose the following categories of information to these providers as needed: identifiers; customer/employee records (including financial information); protected classifications; internet or network activity information; audio or visual information (e.g., video interviews); geolocation data; professional or employment-related information; and inferences. Requirement: We require these providers by contract to maintain the confidentiality and security of personal information and to use it only for the specific services they provide to us. If service providers handle PHI on our behalf when we act as a Business Associate, they must also sign a BAA and comply with HIPAA.
To our clients and business partners: We disclose the following categories of information to our clients (healthcare facilities) for the purpose of evaluating candidates, facilitating placements, managing assignments, timekeeping, and fulfilling contractual requirements: identifiers; inferences; customer/employee records; audio or visual information (e.g., video interviews); and professional or employment-related information. We disclose details to our business partners as necessary to provide integrated services.
If we think we must to comply with the law or to protect ourselves: We disclose information we collect about you to respond to a court order, subpoena, or other legal process. We provide that information in response to government agency, law enforcement, or investigatory body requests (e.g., Department of Labor, EEOC, HHS/OCR). We also disclose information when we are investigating potential fraud or to protect our rights, property, or safety, or that of others.
To any successor to all or part of our business: We disclose your information as necessary for any corporate restructuring, such as if we sell part of the business, merge with another company, or engage in bankruptcy proceedings.
As permitted by law and for other reasons we may describe to you: We may disclose information with your consent or as otherwise permitted or required by law.

HIPAA Disclosures: When acting as a Business Associate, disclosures of PHI are strictly governed by the BAA with the Covered Entity client and HIPAA regulations.

When We Sell or Share Your Information / Targeted Advertising

247 Healthcare does not sell your personal information in exchange for monetary compensation.

However, like many companies, we may use online tracking technologies (such as cookies, pixels, and scripts) provided by third-party advertising partners on our websites and applications. These partners may collect information about your online activities over time and across different websites (primarily Identifiers like IP address and online identifiers, and Internet/Network Activity) to provide you with targeted advertising based on your interests. This activity may be considered “selling” or “sharing” under certain state privacy laws (like the CCPA/CPRA in California).

Opt-Out Rights: You have the right to opt-out of this selling/sharing/targeted advertising. You can exercise this right by:

Clicking the “Do Not Sell or Share My Personal Information” link in the footer of our website [Insert Link Here, if applicable].
Adjusting your cookie preferences through our cookie management tool [Insert Link Here, if applicable].
Enabling Global Privacy Control (GPC) signals in your browser, which we recognize and honor as a valid opt-out request for the browser transmitting the signal.

We do not have actual knowledge that we sell or share the personal information of individuals under 16 years of age.

Your Privacy Rights

Our commitment to privacy includes going beyond what is required. Depending on your state of residence within the United States (e.g., California, Colorado, Virginia, etc.), you may have certain rights regarding your personal information. These rights may include (subject to legal limitations and exceptions):

Right to Know/Access: The right to request information about the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collecting/selling/sharing, and the categories of third parties to whom we have disclosed it.
Right to Delete: The right to request the deletion of personal information we have collected from you.
Right to Correct: The right to request the correction of inaccurate personal information we maintain about you. Some information you can change yourself (e.g., in your account profile).
Right to Opt-Out of Sale/Sharing/Targeted Advertising: The right to direct us not to sell or share your personal information or use it for targeted advertising (as described in the section above).
Right to Limit Use and Disclosure of Sensitive Personal Information (California residents): The right to limit our use and disclosure of sensitive personal information to purposes necessary to perform services or provide goods reasonably expected, or for other permitted purposes under the CCPA/CPRA.
Right to Data Portability: The right to request a copy of your personal information in a portable and, to the extent technically feasible, readily usable format.
Right to Non-Discrimination: The right not to be discriminated against for exercising any of your privacy rights.

How to Exercise Your Rights:

To exercise your rights to know/access, delete, or correct, please submit a verifiable request by:

Calling us at (832) 675-9402
Emailing us at info@247healthcarestaffing.com
Visiting: 247healthcarestaffing.com/contact

To exercise your right to opt out of sale/sharing/targeted advertising, please use the methods described in the “When We Sell or Share Your Information” section.

Verification: We need to verify your identity before processing requests to Know/Access, Delete, or Correct. This typically involves matching identifying information you provide with the information we have on file. We may request additional information for verification purposes. We cannot process your request if we cannot verify your identity.
Authorized Agents: You may designate an authorized agent to make requests on your behalf. We require written permission signed by you and verification of the agent's identity, or proof of power of attorney.
Response Timing and Format: We aim to respond to verifiable consumer requests within 45 days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Disclosures will cover the 12-month period preceding the request, as required by law.

How We Protect Your Information (Data Security)

We are committed to protecting the security of your personal information. We implement and maintain reasonable administrative, technical, and physical security measures designed to protect the personal information we process against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

Technical Safeguards: Firewalls, encryption (for data in transit and at rest where appropriate), access controls, intrusion detection systems, vulnerability management.
Administrative Safeguards: Security awareness and privacy training for employees and relevant contractors, data minimization practices, access restrictions based on job function (role-based access), incident response plans, policies and procedures for data handling, vetting of service providers (including requiring contractual security obligations).
Physical Safeguards: Secure office facilities, controls over access to physical records and equipment.
The information (Phone Numbers) obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.

HIPAA Security: When handling PHI as a Business Associate, we implement safeguards that meet the requirements of the HIPAA Security Rule.

While we strive to protect your information, please be aware that no security measures are perfect or impenetrable. We cannot guarantee the absolute security of your information, especially information transmitted over the internet.

We Store Information in the United States

All personal information we collect and process is stored and processed within the United States. Privacy protections may differ from those in other countries.

You Can Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, or if you wish to exercise your privacy rights, please contact us at:

Email: info@247healthcarestaffing.com
Phone: (832) 675-9402

We May Update This Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated notice on our website and update the Policy’s “Effective Date” and “Last Updated” date at the top. Your continued use of our services following the posting of changes constitutes your acceptance of such changes. We encourage you to review this Policy periodically for any updates.