Trust foundation
Privacy Policy
Last updated July 1, 2026
Clover is built for healthcare practices that need a careful, organized way to launch providers and keep them ready to bill. This Privacy Policy explains the information Clover may collect, how it is used, and the choices practices and users have.
Information Clover collects
Clover may collect account information such as names, email addresses, practice names, roles, provider counts, and communication preferences.
Clover may also collect provider launch information such as NPI details, provider profile information, licenses, DEA information, malpractice documents, CVs, CAQH-related details, payer readiness notes, renewal dates, uploaded evidence, and operational activity needed to help a practice move a provider toward billing.
How information is used
Clover uses information to help practices launch providers, collect only what is missing, build Provider Workspaces, create payer roadmaps, track billing readiness, watch renewals, explain blockers, and recommend next actions.
Clover may also use information to provide support, maintain security, improve product quality, communicate service updates, and understand how the product is being used.
Security and retention
Clover is designed to protect sensitive provider launch information with access controls, encryption, secure infrastructure practices, and audit-aware product design.
Clover retains information for as long as needed to provide the service, comply with legal obligations, resolve disputes, maintain security, and support legitimate business needs. Retention periods may vary depending on the type of information and customer configuration.
Customer choices
Customers may request updates, exports, or deletion of certain account information, subject to contractual, legal, security, and operational limits. Some records may need to be retained for audit history, compliance, billing, dispute resolution, or security purposes.
Practices are responsible for ensuring they have appropriate authority to provide provider information to Clover and to invite providers into Clover workflows.
Healthcare and compliance
Some information handled by Clover may be sensitive healthcare or provider credentialing information. Clover is being designed with HIPAA-conscious architecture, but this Privacy Policy does not itself create a Business Associate Agreement.
Where a Business Associate Agreement is required, Clover and the customer must execute one before Clover is used for regulated protected health information in that context.
Contact
Questions about privacy can be directed through the Contact page. As Clover grows, this policy may be updated to reflect new product capabilities, vendors, customer controls, and legal requirements.