top of page

HMA Healthcare Privacy Policy

Effective Date July 2023 

About This Policy

HealthMark Associates, its subsidiaries and affiliates (collectively “HMA”, “we”, "us", and “our”) are committed to ensuring the privacy of the information you share with us. For purposes of this Privacy Policy, when we use “HMA,” “we,” “us,” or “our”, we are referring to and including all of the companies currently under HMA ownership, leadership and control.

This privacy policy explains our privacy practices, including what information we collect, how we use it, and what rights you have concerning your information. This policy applies to information we collect when you engage with us online or offline, unless we are processing that information as part of services we provide to others (in which case, another entity’s privacy policy will apply).

Overview

We encourage you to read this policy in its entirety. However, we have provided a brief overview of important points:

• We allow trusted partners to collect your data so they can display more relevant advertising.
• We use vendors to help us provide services to you.
• We use cookies to provide, protect and promote our services.
• You can ask us to delete, correct, amend or disclose your information.
• If you have any questions or concerns about this policy, you can contact us.

Summary

This policy contains important information about our privacy practices. We summarize the key points from each section below:

• What Information We Collect. We collect personal information about you, such as your name, government identification, medical history, and other sensitive information.
• How We Use Your Information. We use your information to communicate with you, perform our services, manage employees, market and improve our offerings, protect you and our company, and undertake other legally permissible purposes.
• How We Collect Information. We collect information about you from you, your devices, and other companies.
• How Long We Keep Your Information. We will delete your information based on our record retention policy, but we may keep it for longer when legally required.
• When We Disclose Your Information. We have disclosed your information within our corporate group, to companies who provide services to us, to our business partners, and to others as legally permitted.
• When We Sell or Share Your Information. We allow trusted partners to collect information on your activity on our website in order to provide you with more useful, targeted advertisements. To the extent that constitutes selling or sharing your information, we only allow those partners to collect the following categories of information: Internet and Other Electronic Network Activity Information.
• Your Privacy Rights. You have the ability to exercise certain controls and choices over the collection, use, and sharing of your information. In accordance with applicable state and country laws, you may have rights to access, correct, or delete information we have about you. You will need to provide us certain details so we can honor your request.
• How We Protect Your Information. We have safeguards in place to protect your information.
• We Store Information In the United States. We will use your information in the United States, which may have different privacy protections than where you live.
• You Can Contact Us. You can contact us via email or regular mail, with questions about this Policy.
• We May Update This Policy. We may revise this policy as our operations evolve or in response to legal changes. Please check this page regularly for updates.

 

What Personal Information We Collect

We collect the following categories of personal information from individuals:

• Identifiers. This includes information such as your name, phone number, postal address, telephone number, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport ID, date of birth, and employee ID.
• Customer/Employee Records. This includes identifying information such as your name, Social Security number, address, telephone number, driver’s license, education, employment, employment history, bank account information, medical information, and health insurance information.
• Protected Characteristics. This includes information such as your age, gender, sexual orientation, preferred pronouns, marital status, ethnic information, veteran status, disability status, and citizenship information.
• Internet or Other Electronic Network Activity Information. This includes information such as your browsing history, browser name, domain type, operating system information, IP addresses, access times, and device identifiers.
• Biometrics. This includes information such as voice recordings.
• Professional or Employment-Related Information. This includes information such as your education and employment history, credentials, background-check results, drug-screening results, sanctions history, work authorizations or work visa information, work restrictions or accommodations, and emergency or beneficiary contact information.
• Geolocation Data. This includes information on your location when you visit our website or use our application.
• Inferences. We draw inferences from the above information to create a profile about you.

 

We also collect the following types of sensitive personal information: citizenship or citizenship status; data from a child under 13 years old; health, genetic, and biometric information; immigration status; passport, Social Security, driver’s license, and state identification numbers; account logins; financial details (including bank account and credit card details); racial and ethnic origin; religious or philosophical beliefs; sex life and sexual orientation; precise geolocation; and union membership.


Our sites, apps, and services are meant for adults. We do not knowingly collect personal information from children under 13 years old without permission from a parent or legal guardian. If you think your child under 13 has given us information, you can contact us using the email or phone number below. If you email us, please enter in the subject line: “COPPA Information Request.” Parents, you can learn more about how to protect children’s privacy online here.

How We Use Your Information

We may use your information for the following purposes:

To communicate with you. We may use information to respond to your questions, to communicate about this policy or our terms, or to communicate with you regarding any other purpose described in this policy.

 

To perform our services. We may use information to send job listings or contact you about a placement opportunity, or to identify new candidates or clients.

 

For employment purposes. We may use your information for recruitment and hiring, to staff open positions at our company or with clients, to provide payroll and administer benefits, for travel arrangements and performance management, for record-keeping, for safety purposes, to meet legal and compliance obligations, or for other internal purposes.

For marketing. We may use contact, demographic and site usage information to communicate about our services and to provide information about HealthMark Associates and its affiliates and subsidiaries. This may be by email, phone, or text. It may also be on social media platforms. We also use this information to provide information about HealthMark Associates, our brands, affiliates, or other companies in which we believe you may be interested. The information we send includes briefings and newsletters. It also includes seminar information or whitepapers. We also send surveys. We send these materials as permitted by law. We do not use information collected in the context of your employment for marketing.

To improve our services. We may use your information to make our website and services better, and to keep our records updated.

To protect our company and constituents. We may also use your information to identify fraud, secure our systems, or for other purposes as permitted by law, including to prosecute or defend legal claims.

 

For other purposes allowed by law. Such as:

• Auditing.
• Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
• Debugging to identify and repair errors that impair existing intended functionality.
• Short-term, transient use, where the personal information is not disclosed to another third party and is not used to build a profile about an individual.
• Performing services on behalf of other entities.
• Undertaking internal research for technological development and demonstration.
• Undertaking activities to improve, upgrade, enhance, or verify or maintain the quality or safety of our services or equipment.

We do not use your sensitive information, as that term is defined under the California Consumer Privacy Act (“CCPA”), for any purposes other than those specified in CCPA Regulation 7027(m).

 

How We Collect Your Information

We collect information from the following sources:

You. We collect contact and demographic information directly from you, including through our websites We collect employment and payment information from you, including online and on paper forms.

Your devices. We collect site usage and demographic information passively using tools like browser cookies and pixels. We collect site and location information about users over time when you use this website. We may have third parties collect personal information this way on our behalf. We may also use tracking tools to pull contact and demographic information from online sources. To learn how to manage cookies and other tracking tools, please review our Ad and Cookie Policy by clicking here. That policy also explains our approach to Do Not Track signals. You can also control cookies and tracking tools by using the Global Privacy Control (“GPC”), which we discuss in more detail in the “When We Sell or Share Your Information” below.

Other Companies. We collect contact and employment information from others, such as clients, social media partners, and technology and staffing partners. We also collect contact information and employment information from public records providers. We obtain demographic and site usage information from analytics firms.

 

How Long We Keep Your Information

In general, we keep your information for as long as we need it to carry out the purposes described above, and as necessary to comply with our records-management policies. We also keep your information as necessary to comply with other legal obligations we might have, such as in connection with litigation.

 

When We Disclose Your Information

We disclose personal information for the following purposes:

We disclose information within the HealthMark Associates companies. We disclose information to our affiliates and related entities. Depending on the function of the affiliate or related entity, we reserve the right to disclose data types from any or all of the information categories listed above.

We disclose information with companies who perform services on our behalf. We disclose information to companies who assist us, including benefits and payroll providers, payment-processing providers, and providers who help us deliver marketing and other communications. We disclose the following categories of information to companies who perform services on our behalf: identifiers; customer/employee records, including financial information; protected classifications; internet or network activity information; biometric information (voice recordings if the user undergoes video or telephonic interviewing); geolocation data; professional or employment-related information; and inferences to create a profile.

We disclose information with our clients and business partners. We disclose the following categories of information to our clients and business partners: identifiers; inferences; customer/employee records; biometric information (voice recordings if the user undergoes video or telephonic interviewing); and professional or employment-related information. We provide the information to our clients so they can select healthcare providers to work in their facilities, and we disclose details to our business partners so they can provide services.

We will disclose information if we think we have to in order to comply with the law or to protect ourselves. We disclose information we collect about you to respond to a court order or subpoena. We may provide that information in response to a government agency or investigatory body requests. We also disclose information when we are investigating potential fraud.

We will disclose information to any successor to all or part of our business. We may disclose your information as necessary for any corporate restructuring, such as if we sell part of the business, merge with another company, or engage in bankruptcy proceedings.

We disclose information as permitted by law and for other reasons we may describe to you. We do not disclose your personal information to any third-party vendor or website owner for their own marketing purposes.

 

When We Sell or Share Your Information

We do not provide your information to third parties in exchange for money. We allow trusted partners to collect certain information about you when you interact with our website so that they can provide you targeted advertising based on your online interactions with us and others. Some states may also consider this practice as us “selling” or “sharing” your information. We may allow companies to collect the following categories of personal data for targeted advertising: Internet and Other Electronic Network Activity Information. Given that we limit our collection of data concerning minors, we do not have actual knowledge that we allowed those companies to collect information on anyone who is younger than 16 years old.

If you do not want us to sell or share your data, you can opt out by submitting a request using the process described in "Your Privacy Rights" below. Alternatively, you can rely on the GPC to tell us you wish to opt out of selling or sharing your data. We recognize the GPC for the browser sending the opt-out signal. (If you later access our website from a different browser without the GPC, your opt-out settings will not carry over.) The GPC comes in different flavors, which are often a browser add-on or setting, so we recommend following the instructions for your preferred variation. Once you have properly configured your GPC, we will automatically process it in a frictionless manner. In other words, we will not (1) charge you for using it, (2) change your experience with our services, or (3) display pop-ups or other notifications in response to your opt-out signal (except we may display some indicator acknowledging your request).

 

Your Privacy Rights

Our commitment to privacy includes going beyond what is required. In some countries and states, such as Europe, Colorado and California, the law grants you all of the below rights (subject to some limitations).

• Right to Know. You can ask us to give you information about our collection and use of your personal information. Specifically, you can request we provide you one or more of the following: the categories of personal information we collected about you; the categories of sources from which we collected your personal information; our purposes for collecting your personal information; the categories of third parties to whom we disclose your personal information; and the specific pieces of personal information we collected about you. You can also ask that we provide you a copy of your information in a commonly used, machine-readable format.


• Right to Delete. You can ask us to delete your personal information.


• Right to Correct. You can ask us to correct any inaccurate personal information that we have about you. Some information you can change yourself. You may review and change any personal information in your account profile and, where applicable, personal account preferences, stored in our system if you believe it may be out of date or incorrect.


• Right to Opt Out of Targeted Advertising (Sharing). You can ask us to not allow third parties to collect your information on our website for targeting advertisements based on your activity across multiple websites. (This concept is known as “targeted advertising” in most places and “sharing” in California.)


• Right to Opt Out of Sales. You can ask us to not sell your information. As noted above, we do not “sell” your information in the traditional sense (an exchange for money), but we do disclose it for targeted advertising—which some jurisdictions may consider a sale.

We will not discriminate against you if you exercise those rights. If you wish to exercise your rights,
you can contact us at 256-783-2747. You can also have an authorized agent submit a request on your behalf. If you choose to use an agent, and the agent does not have power of attorney under the California Probate Code, we cannot process the request until:

• The agent provides a copy of your signed permission authorizing the agent to make the request;
• You verify your identity directly with us; or
• You provide us direct confirmation that you provided the agent permission to submit the request.

If your authorized agent has a valid power of attorney under California Probate Code sections 4121 to 4130, we may request proof of the power of attorney instead of the foregoing.

Unless you are requesting to opt out of sales or targeted advertising, we must verify your identity before we honor your request. We verify your identity by trying to match the following information you provide to us with information we have about you:

• Contact information (such as name, email, phone number, and address)
• An indication of what HMA brands you have previously interacted with

If we are unable to verify your identity with the information you provide, we may deny your request or request additional information.


Sometimes we may be unable to fulfill your request. If you disagree with our decision, you can file an appeal by contacting us at [insert email or physical address]. In the subject line, please write: Data Subject Right Appeal – [Full Name]. The body of the email should include: (1) your name, (2) the date of the decision you are appealing, and (3) an explanation for why you disagree with that decision. We will contact you if we need more information.

Nevada residents may opt out of the future sale of their information to a third party so that the third party may license or sell information by emailing us.

How We Protect Your Information

We have implemented technical, administrative, and physical security measures designed to protect your personal information from unauthorized access, disclosure, use, and modification. Nonetheless, the Internet is not 100% secure. We cannot promise that your use of our sites or apps will be completely safe. We encourage you to use caution when using the Internet.

We Store Information In the United States

We are located in the United States. If you live outside of the United States, you understand and agree that we may process your information in the United States. Our businesses are subject to United States laws, which may not afford the same level of protection as those in your country. By submitting your information, you agree to the processing of it in the United States.

How You Can Contact Us

Feel free to contact us if you have more questions about this privacy policy or our data practices. 

We May Update this Policy

From time to time we may update this privacy policy. We will post the updated copy and include the date of the update. If the changes are material, we will post a prominent notice, and we may contact you at your email address we have on file. Please check our site periodically for updates. Your continued use of the site after we post the updated copy constitutes your acceptance of the updated privacy policy.

bottom of page