← Credentialing Agents

Privacy Policy

Effective date: May 2, 2026

Credentialing Agents (operated by One Wolf, Inc., "we," "us," "our") provides software that healthcare staffing agencies and their partner facilities use to credential clinicians. This Privacy Policy describes the information we collect, how we use it, who we share it with, and the choices you have. It applies to our web application, APIs, and any related services (collectively, the "Service").

1. Information we collect

We collect the following categories of personal information:

  • Identity and contact information — your name, email address, phone number, mailing address, date of birth, and government identifiers (e.g., SSN, NPI, license numbers) when required for credentialing.
  • Professional credentials — copies of licenses, certifications, training records, immunization records, background-check results, drug-screen results, and other documents required for healthcare credentialing.
  • Employment information — your assignments, employer, job role, and credentialing status.
  • Account and authentication — login email, hashed password, multi-factor verification codes, and session tokens.
  • Communications — messages we send to you and replies you send to us via email and SMS.
  • Usage data — IP address, browser type, device identifiers, pages visited, actions taken in the Service, timestamps, and referring URLs.
  • Cookies and similar technologies — see Section 7.

2. How we use information

  • To provide and operate the Service — credential workflows, document collection, scheduling, status tracking, and reporting.
  • To authenticate you and protect your account.
  • To communicate with you about your credentialing — task assignments, deadline reminders, scheduling links, document requests, status updates, and replies to your inbound messages.
  • To comply with legal obligations and respond to lawful requests from regulators, courts, or government authorities.
  • To detect, prevent, and respond to fraud, abuse, security incidents, and policy violations.
  • To improve the Service through usage analysis and product research, in aggregated or de-identified form where feasible.

3. SMS / text messaging

Program name. Credentialing Agents Notifications.

Recipients and content. The program sends operational, transactional text messages to clinicians being credentialed through a workspace on the Service. It is not a patient-facing program and is not used to deliver protected health information ("PHI"). Messages include:

  • Reminders to upload missing credentialing documents before a deadline.
  • Scheduling links for required lab tests, drug screens, and physicals.
  • Status updates about your background check, license verification, or assignment.
  • Follow-ups to inbound questions you send us.

Consent. We send SMS only after you provide express written, opt-in consent by checking an unchecked checkbox next to your mobile number on your profile page in the Service. The disclosure shown next to the checkbox at sign-up is:

"By checking this box and providing my mobile number, I consent to receive transactional SMS messages from Credentialing Agents (operated by One Wolf, Inc.) regarding my credentialing tasks, document requests, scheduling, and assignment status. Message frequency varies. Msg & data rates may apply. Reply STOP to opt out, HELP for help. Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. See our Privacy Policy and Terms of Service."

Consent is recorded with timestamp, IP address, the user agent, and the verbatim disclosure text shown. Consent is not a condition of any purchase, employment, or assignment, and you can revoke it at any time (see Opt-out below).

Frequency. Message frequency varies based on your active credentialing assignments and outstanding tasks. Most recipients receive a few messages per week during an active credentialing period and far fewer at other times.

Cost. Message and data rates may apply. Rates are set by your mobile carrier; we do not charge you for messages. Carriers are not liable for delayed or undelivered messages.

Opt-out. You can opt out at any time by replying STOP to any SMS we send. We also recognize STOPALL, UNSUBSCRIBE, CANCEL, END, and QUIT. Opt-outs take effect immediately across all of our sender phone numbers, and we update your profile to reflect that you have opted out. You can also turn SMS off in your profile settings at any time.

Help. For help, reply HELP to any SMS, or contact us using the details in Section 11.

No PHI over SMS. Because SMS is not an end-to-end encrypted channel, we do not include protected health information, lab results, diagnoses, or sensitive patient data in text messages. Sensitive content is delivered through the authenticated Service portal.

Mobile information. No mobile information — including your mobile phone number, opt-in status, opt-in data, and SMS consent — will be shared with any third parties or affiliates for marketing or promotional purposes. The categories of information described elsewhere in this Privacy Policy that may be shared with third parties or affiliates exclude text-messaging originator opt-in data and consent; this information will not be shared with any third parties. Disclosure to subcontracted service providers (e.g., our SMS carrier and aggregator) is limited to what is necessary to operate the messaging program and comply with carrier rules, and that information is not used by those subcontractors for their own marketing.

4. How we share information

We share information in the following circumstances and with these categories of recipients:

  • Your workspace administrator. Credentialing Agents is operated as a multi-tenant service. The information you provide is made available to the workspace administrator (the healthcare organization or facility that engaged Credentialing Agents to credential you) and to users in that workspace who have a need to know (e.g., your credentialing specialist, recruiter). Your workspace administrator is responsible for the workspace's own use of the information under its own privacy practices.
  • Service providers (sub-processors) who help us operate the Service, including:
    • Twilio Inc. — SMS message delivery and inbound message routing.
    • Nylas Inc. — email send and receive on connected workspace inboxes.
    • Amazon Web Services, Inc. (AWS) — cloud infrastructure, file storage (S3), database hosting (RDS), and supporting services.
    • OpenAI, L.L.C. — language-model APIs used to power AI-assisted credentialing workflows. Inputs to these APIs are governed by OpenAI's enterprise data-processing terms and are not used to train OpenAI's foundation models.
    • Functional Software, Inc. d/b/a Sentry — application error monitoring.
    • Background check, lab, and verification vendors (e.g., Checkr, Yardstik, Vetty, Propelus, Adobe Sign, Dropbox Sign, DocuSeal, Bullhorn) — to perform the screening, signing, and verification services your workspace requests.
  • Compliance and law enforcement. Where required by law, regulation, subpoena, court order, or other legal process.
  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets.
  • With your consent. For purposes you explicitly authorize.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

SMS opt-in carve-out. Notwithstanding any other provision of this Privacy Policy, mobile opt-in information — including your mobile phone number, SMS opt-in status, opt-in timestamp, IP address recorded at opt-in, and the verbatim consent disclosure shown to you — is not sold, rented, leased, traded, or shared with any third party, affiliate, marketing partner, lead-generation service, data broker, or advertising network for any purpose. The only disclosure of this information is to the SMS carrier and message aggregator strictly as required to deliver the messages you have requested.

5. Data retention

We retain personal information for as long as your account is active, as needed to provide the Service, and as required by applicable law (e.g., healthcare credentialing records often have multi-year retention requirements set by federal and state regulation). We may retain de-identified or aggregated information for analytics and product improvement. When we no longer have a business or legal need for personal information, we delete or anonymize it.

6. Your rights and choices

Depending on your jurisdiction, you may have rights to access, correct, delete, port, or restrict processing of your personal information. To exercise any of these rights, contact us using the details in Section 11. We will verify your identity and respond within the time frame required by applicable law.

You can also: opt out of SMS at any time (Section 3), update your profile in the Service, disconnect linked email accounts in your settings, and request that we close your account.

7. Cookies and tracking

We use cookies and similar technologies (e.g., session storage) to keep you signed in, remember preferences, and analyze how the Service is used. You can disable cookies in your browser, but doing so may break authentication and other features. We do not knowingly use third-party advertising cookies.

8. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including TLS encryption in transit, encryption at rest, access controls, audit logging, and least-privilege access for our personnel. No system is perfectly secure; if we learn of a security breach affecting your information, we will notify you and the appropriate authorities as required by law.

9. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us information, contact us so we can delete it.

10. International users

The Service is operated from the United States. If you access the Service from outside the U.S., you consent to your information being transferred to and processed in the U.S., where data-protection laws may differ from those of your country.

11. Contact us

For privacy questions, requests, or complaints:

One Wolf, Inc. — Privacy

2000 E 6th st, Suite 4, Austin, Texas, 78702

help@fromwolf.com

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective date" above shows the most recent version. Material changes will be communicated through the Service or by email to your registered address.

See also: Terms of Service.