Provider Data Notice
Version 1.0 — Effective August 3, 2026 (posted July 4, 2026)
This notice is for healthcare professionals — physicians, and other licensed providers — whose professional information appears in the Oystercatcher platform. It explains what information we compile, where it comes from, how it is used, and the choices you have, including how to have your profile corrected or suppressed. It also serves as our notice at collection for this information under the California Consumer Privacy Act. If you are an Oystercatcher customer or website visitor, our Privacy Policy applies to you instead.
1. Who we are and what we do
Oystercatcher, LLC ("Oystercatcher," "we") operates a business-to-business sales intelligence platform used by healthcare companies to identify and prioritize the professionals most relevant to their products and services. To do this, we compile business-capacity information — not private or patient information — about U.S. healthcare providers, primarily from publicly available sources, and make it searchable by our customers.
2. What information we compile
- Name, professional credentials (e.g., MD, DO), and National Provider Identifier (NPI)
- Medical specialty, taxonomy, and board certifications
- Practice name, business address, business phone/fax, and practice website
- Professional (business) email address, where published
- State licensure information, including license status and publicly reported disciplinary actions
- Medicare participation status and publicly released, provider-level Medicare statistics (such as aggregate procedure and prescribing volumes — never patient-level data)
- Industry financial relationships publicly reported under the Physician Payments Sunshine Act (CMS Open Payments)
- Education, graduation year, publications, and clinical trial participation from public records
- Public business-listing information about practices (such as ratings from Google)
- Publicly available web content about you retrieved by our AI research features — when a customer runs an AI research report, our systems may perform live web searches and incorporate public web content into the report
- Scores, summaries, and research reports our systems generate from the above, some of which are produced using artificial intelligence
We do not compile patient data, protected health information, Social Security numbers, dates of birth, personal (home) contact information, or consumer financial information.
3. Where it comes from
- NPI Registry (NPPES) — CMS's public provider registry
- CMS public datasets — Medicare Physician & Other Practitioners, Part D Prescriber data, Open Payments, and related public releases
- State medical licensing boards — public license-verification records
- PubMed and ClinicalTrials.gov — public research records
- Public business directories — including Google business listings for practice locations
- Public web sources — publicly available web content retrieved by our AI research features when a customer runs a research report
- Our customers — corrections or business-contact updates a customer submits for records they work with
On request, we will tell you which sources contributed to your specific record.
4. How it is used and disclosed
Customers use the platform to search, filter, score, and research providers relevant to their sales and marketing efforts, and may export business-contact records for their internal use. Our customer agreements prohibit using this data to determine eligibility for employment, credentialing, licensure, insurance, credit, or any other purpose regulated by the Fair Credit Reporting Act; prohibit resale or public redistribution; and require compliance with applicable outreach laws (such as CAN-SPAM and the TCPA) when contacting you.
AI-generated summaries and research reports are machine-produced and may contain errors; our agreements require customers to verify them before relying on them.
5. Your choices
5.1 Review and correction
You may ask us what information our platform holds about you and request correction of inaccurate information. Because most of our data mirrors public records, we may also refer you to the source registry (for example, NPPES or your state board) so the correction persists at the source.
5.2 Suppression
You may request that we suppress your profile. Suppression removes your record from customer search results, exports, and AI research features, and keeps it out — your identifier remains on a suppression list indefinitely so that your record is not re-created by subsequent data refreshes.
We are not a data broker, and we do not sell your personal information. The professional information in our platform is drawn from government and other public records that are lawfully available to the public — the kind of information that is excluded from "personal information" under the California Consumer Privacy Act. Any enrichment we perform is a custom analytical process carried out for a specific customer's own use; it is not the brokering or sale of data. We offer suppression as a courtesy and to honor applicable privacy rights, not because we sell your information.
5.3 How to submit a request
Email [email protected] with the subject "Provider Data Request," including your name, NPI number (if you have one), and the nature of your request (review, correction, deletion, or suppression). We confirm receipt within 10 business days. You may use an authorized agent; we may require proof of authorization.
- Suppression requests are completed within 15 business days. We may take steps to confirm a request is not fraudulent (for example, a competitor attempting to suppress a rival's record) before acting.
- Review, correction, and deletion requests require verification that you are the professional the record describes. We verify through a confirmation step using a contact point already associated with your record or listed with your licensing board (such as your professional email or practice phone) — we will not ask for sensitive personal information. We respond within 45 days, extendable once by 45 days with notice.
5.4 What suppression does not do
Suppression applies to our platform. It does not remove your information from the public sources we drew it from (such as NPPES, CMS datasets, or state boards), and it does not automatically reach copies a customer exported before your request. Our customer agreements require customers to apply suppression to their exported copies when we notify them, and, where we are able to identify prior exports of your record, we send those notices.
6. Retention
We retain provider records while they remain part of the public-source datasets we maintain, refreshed as those sources update. Suppressed records are retained only in a minimal suppression list (so your record is not re-created by the next data refresh) and excluded from customer-facing use.
7. State privacy rights
Depending on your state of residence, you may have rights to access, correct, or delete personal information, and a right not to be discriminated against for exercising them. We honor these rights through the process in Section 5. If we deny a request, you may appeal by replying with the subject "Privacy Appeal"; we respond to appeals within 60 days (or sooner where the applicable law requires) and, if we deny your appeal, will provide a way to contact your state Attorney General.
8. Contact
Oystercatcher, LLC
2389 Main St., Ste 100, Glastonbury, CT 06033, United States
Email: [email protected]