Privacy Policy

Effective Date: March 13, 2026 | Last Updated: April 3, 2026

North Peak Care LLC ("North Peak Care," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.northpeakcare.com, use our secure portal, or engage with our services. Please read this policy carefully.

1. Information We Collect

We collect different types of information depending on your relationship with us:

From Pharmacy Partners

• Pharmacy name, contact information, and upload access codes
• Patient documents submitted through our secure upload portal (prescriptions, insurance forms, clinical records)

From Nurses

• Name, email address, phone number, and mailing address
• Nursing license numbers, certifications, and credential documents
• Tax information (W-9, 1099 data, direct deposit details)
• Professional references and work history

From Website Visitors

• Contact form submissions (name, email, phone number, company name)

2. How We Use Your Information

We use the information we collect to:

• Respond to inquiries and contact form submissions
• Evaluate nurse applications and facilitate onboarding
• Verify nursing credentials and maintain compliance records
• Process payroll and tax reporting for contracted nurses
• Coordinate patient care between pharmacies and nursing staff
• Communicate about services, updates, and partnership opportunities
• Comply with applicable laws, regulations, and HIPAA requirements

3. How We Protect Nurse Information

We understand that nurses entrust us with sensitive personal and professional information. We protect this data through:

• Encrypted Storage: All credential documents, tax records, and personal information are stored in encrypted, access-controlled cloud infrastructure hosted on Google Cloud Platform
• Role-Based Access: Only authorized administrators can view nurse records. Nurses can only access their own data through the secure portal
• Secure Document Handling: Uploaded credential documents are transferred to a private, access-controlled storage system. Documents are never publicly accessible
• Protected Tax Data: W-9, 1099, and direct deposit information is stored separately with additional access restrictions. This data is only used for payroll processing and tax reporting as required by law
• Audit Logging: All access to nurse records is logged for accountability and compliance

4. How We Protect Patient Information (HIPAA)

North Peak Care is subject to the Health Insurance Portability and Accountability Act (HIPAA). We take the following measures to protect Protected Health Information (PHI):

• De-Identified Storage: Patient documents submitted by pharmacies are stored using visit identification numbers rather than patient names. Patient identifiers are kept in a separate, access-controlled database
• Encrypted Transit and Storage: All patient documents are encrypted during upload and at rest using industry-standard encryption
• No Public Access: Patient documents are never accessible via public links. Access is restricted to authorized North Peak Care administrators
• Time-Limited Sharing: When documents need to be shared with authorized personnel, access is granted on a time-limited, email-verified basis and automatically revoked upon expiration
• Automatic Cleanup: Temporary copies of documents are automatically deleted after being transferred to our secure storage system
• Audit Trail: All access to patient information is logged to maintain a complete audit trail as required by HIPAA

This website's contact forms do not collect PHI. If you have questions about how we handle PHI in our clinical operations, please contact us directly.

5. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: We use trusted, HIPAA-compliant cloud infrastructure providers (Google Cloud Platform, Firebase) to store and process data, subject to Business Associate Agreements where required
• Pharmacies and Healthcare Providers: We share only the minimum necessary information required to coordinate patient care, in compliance with HIPAA's Minimum Necessary Standard
• Legal Compliance: We may disclose information if required by law, court order, or governmental authority
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction

6. Data Retention

We retain your information only as long as necessary to fulfill the purposes described in this policy:

• Nurse records: Retained for the duration of the working relationship and as required by state and federal law
• Patient documents: Retained in accordance with HIPAA requirements and applicable state record retention laws
• Tax records: Retained as required by IRS regulations (typically 7 years)
• Contact form submissions: Retained for up to 2 years or until the inquiry is resolved

7. Data Security

We implement administrative, technical, and physical safeguards to protect your information from unauthorized access, use, or disclosure. For more details about our security practices, please see our Security Overview. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

8. Cookies

Our website does not use cookies or tracking technologies. Our secure portal uses authentication tokens necessary for login functionality, which are not used for tracking purposes.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Children's Privacy

Our website is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

11. Your Rights

Depending on your location and relationship with us, you may have rights regarding your personal information, including:

• The right to access the personal information we hold about you
• The right to request correction of inaccurate information
• The right to request deletion of your information (subject to legal retention requirements)
• The right to request an accounting of disclosures of your PHI (for patients)

To exercise these rights, please contact us at the information below.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date at the top of this page. Continued use of our website following any changes constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:

• Email: scanales@northpeakcare.com
• Website: www.northpeakcare.com

← Back to Home