← Covershift

Privacy Policy

Effective May 28, 2026

Covershift, Inc. (“Covershift,” “we,” “us”) operates the Covershift marketplace for specialty physician call coverage — a website at getcovershift.com and mobile apps on iOS and Android. This policy explains what data we collect from physicians, hospitals, and partner organizations, how we use it, and your rights.

1. What we collect

From physicians:

From hospitals:

From partner organizations (e.g. EA Health):

2. How we use it

3. We do not sell your data

Covershift does not sell or rent personal data to third parties. We are not an advertising business and do not run any third-party ad networks on the website or in the mobile apps.

4. Who we share with

5. AI features

Some features use AI (Anthropic Claude) to generate personalized content: follow-up emails for incomplete onboarding, shift summaries, and the in-app coach. We send the AI model the minimum information necessary (physician name, current credentialing state, shift description) and never send identifiers like SSN, full tax ID, or banking information. Anthropic does not retain our prompts or outputs beyond brief operational logging.

6. Protected Health Information (HIPAA)

Covershift is a marketplace; we do not store, transmit, or process Protected Health Information (PHI) as defined by HIPAA. The provider-directory data we maintain (NPI, license, specialty, credentialing status) is operational marketplace data, not health records. Hospitals retain all PHI for the patients they treat; nothing about specific patients flows through Covershift.

7. Your rights

To exercise any of the above, email privacy@getcovershift.com from the email address on your Covershift account. We respond within 30 days.

8. Security

Data in transit is encrypted with TLS 1.2+. Passwords are hashed with bcrypt. Mobile auth tokens are stored in iOS Keychain / Android Keystore via Expo SecureStore. We maintain audit logs of all administrative access to physician and hospital records.

Despite reasonable safeguards, no internet service is 100% secure. If we discover a breach affecting your data, we will notify you within 72 hours as required by applicable state law.

9. Children

Covershift is for licensed physicians (MD/DO) and the institutional staff who work with them. We do not knowingly collect data from anyone under 18.

10. Changes

We'll update the “Effective” date above when material changes are made and notify active users by email when changes affect your rights or how we use your data.

11. Contact

Covershift, Inc.
privacy@getcovershift.com · privacy questions and data requests
covershift@eahealthsolutions.com · everything else

Plain-English starting policy maintained by Covershift. Not a substitute for legal advice. Healthcare-privacy attorneys can adjust the disclosures above to fit jurisdiction-specific requirements.