Credsy Clinic
Get Started

Privacy Policy

Last updated: April 2, 2026

1. Information We Collect

We collect two categories of information to provide our credentialing services:

  • Personal Identity Information — including your name, email address, and organization affiliation, collected when you register or contact us.
  • Provider Credentialing Data — including Social Security Numbers (SSN), professional licenses, education history, employment records, malpractice history, and other information required to credential healthcare providers with payers and hospitals.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve our provider credentialing services.
  • Communicate with you about your account, applications, and support requests.
  • Verify provider qualifications through primary source verification.
  • Improve our platform through aggregated, de-identified usage analytics.

3. Data Security

We protect your data using industry-leading security controls. All protected health information (PHI) and sensitive provider data is encrypted at rest using AES-256 and in transit using TLS 1.3. Our platform runs on Microsoft Azure's HIPAA-eligible infrastructure under a signed Business Associate Agreement (BAA), with role-based access controls and comprehensive audit logging.

4. Data Sharing

We do not sell your personal information. We share provider data only as necessary to deliver our services:

  • With payers, primary verification sources, and credentialing bodies as required to complete the credentialing process.
  • With service providers and subcontractors who operate under executed credentialing agreements and are bound by equivalent data protection obligations.

5. Data Retention

We retain provider credentialing data for the duration required by applicable healthcare regulations, including HIPAA and state-specific credentialing mandates. Upon account termination, you may request deletion of your data; however, certain records may be retained to satisfy regulatory or legal obligations.

6. Your Rights

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correct — request correction of inaccurate or incomplete data.
  • Delete — request deletion of your data, subject to regulatory retention requirements.
  • Portability — receive your data in a structured, machine-readable format.

To exercise these rights, contact us at privacy@credsy.clinic.

7. Contact Us

For privacy-related questions, concerns, or requests, please contact our privacy team at privacy@credsy.clinic.