NurseLoop Privacy Policy



Version 1.0 – 2025

‍Last Updated:
3/22/2026

LTCNow, LLC d/b/a NurseLoop (“NurseLoop,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you access our website, mobile applications, platform, and related services (“Product Offering”).

If you are a NurseLoop customer, caregiver, or client, your use of the platform is also governed by:

● The Master Subscription Agreement (MSA)
● The Business Associate Agreement (BAA) (HIPAA)
● The Terms of Service (TOS)
● The Data Security Addendum (DSA)

If you do not agree with this Privacy Policy, please do not use our services.

1. INFORMATION WE COLLECT

We collect the following categories of information:

1.1 Personal Information Includes:

● Name
● Email address
● Phone number
● Role (administrator, caregiver, client, family member)
● Login credentials
● Contact preferences

1.2 Protected Health Information (PHI)


Collected only when required to support client care activities.

Examples include:

● Client profiles
● Care plans
● Visit notes and tasks
● Scheduling information
● Medication reminders
● EVV time and location data
● Authorized representative details

This PHI is processed under HIPAA and governed by our BAA with each Covered Entity.

1.3 Usage Data

Automatically collected:

● IP address
● Device type
● Browser type
● Mobile device identifiers
● App version
● Pages viewed and actions taken
● Log files and diagnostic data

1.4 Cookies & Tracking Technologies

We may use:
● Cookies
● Web beacons
● Session tokens
● Analytics tools (e.g., Google Analytics)

You may disable cookies in your browser settings.

2. HOW WE USE INFORMATION

We use information to:

● Provide, operate, and improve the NurseLoop platform
● Authenticate Users and secure accounts
● Support communication between agencies and caregivers
● Schedule visits and track EVV compliance
● Maintain audit trails
● Provide customer support
● Train and improve system performance
● Comply with legal and regulatory requirements

We do not use PHI for marketing or advertising.

3. HOW WE SHARE INFORMATION

We may share information with:

3.1 With Service Providers (Subprocessors)

Only as needed to provide services:
● Cloud hosting providers
● Error logging systems
● Email/SMS delivery tools
● Analytics providers

All subprocessors are contractually bound to HIPAA-level security protections.

3.2 With Covered Entities

We share PHI only with the agency or customer responsible for that client’s care.

3.3 When Required by Law

We may disclose information:
● To comply with subpoenas or legal processes
● To protect rights, property, or safety
● As required under HIPAA or state law

3.4 Business Transfers

If NurseLoop is acquired or merged, information may be transferred as part of that transaction, subject to HIPAA protections.

4. HOW WE PROTECT INFORMATION

We use administrative, physical, and technical safeguards, including:
● Encryption in transit (TLS 1.2+)
● Encryption at rest (AES-256)
● Role-based access control
● Multi-factor authentication for administrative systems
● Logging and monitoring
● Regular backups
● Vulnerability management
● Periodic penetration testing

Full details are provided in our Data Security Addendum (DSA).

5. YOUR PRIVACY RIGHTS

Depending on your location, you may have rights under HIPAA, CCPA, CPRA, or other state laws. These may include the right to:
● Access your information
● Correct inaccuracies
● Request deletion (except where prohibited by HIPAA)
● Opt out of certain data uses
● Request a copy of collected information

HIPAA rights (access, amendment, accounting of disclosures) apply when PHI is involved. Clients must contact their care agency (Covered Entity) to exercise HIPAA rights.

6. DATA RETENTION

We retain:
● PHI and caregiver data for the duration of the customer’s subscription
● Backups for 30–90 days
● Logs for at least 12 months
● Account information as long as required for business or legal obligations

Upon termination, Customer Data may be deleted after 30 days unless legally required otherwise.

7. CHILDREN’S PRIVACY

NurseLoop does not knowingly collect information from children under 13 except when necessary as part of care delivered by Covered Entities and permitted under HIPAA.

8. INTERNATIONAL USERS

NurseLoop is designed for U.S. healthcare agencies and processes PHI within the United States. If users access from outside the U.S., they do so voluntarily and at their own risk.

9. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. Changes will be posted with a new “Last Updated” date. Continued use of NurseLoop after updates constitutes acceptance.

10. LOCATION DATA

NurseLoop may collect and process location data from caregivers and users of the Platform when location-enabled features are used.

Types of Location Data Collected

We may collect:
● Precise location data (GPS coordinates)
● Approximate location (based on IP address or device settings)
● Timestamped location data associated with user activity

How Location Data Is Collected

Location data may be collected:
● When the mobile application is in use (foreground)
● When a caregiver is clocking in or out of a shift
● During active shifts for visit verification (if enabled by the agency)

NurseLoop does not collect location data in the background unless a specific feature requires it and the user has explicitly granted permission through their device settings.

How We Use Location Data

We use location data to:
● Verify caregiver arrival and departure times
● Confirm service delivery locations
● Support agency compliance and audit requirements
● Improve scheduling and workforce coordination
● Enhance platform security and fraud prevention
● Location data may be stored and associated with caregiver activity records for compliance, audit, and verification purposes in accordance with applicable laws.

Sharing of Location Data

Location data may be shared with:
● The caregiver’s associated home care agency
● Authorized administrators within the Platform
● Service providers supporting platform functionality (under strict confidentiality agreements)

We do not sell location data.

User Control Users may control location permissions through their device settings. Disabling location services may limit certain features of the Platform.

CONTACT INFORMATION

If you have questions about this Privacy Policy or your data: NurseLoop – LTCNow, LLC 411 E Bonneville Ave, Suite 400 Las Vegas, NV 89101 📧 support@nurseloop.com

© 2025 nurseloop.com