Information Technology, Security + Privacy
The backbone of our company.
Our Customer Service Pledge
WorkCare’s dedicated IT team will:
- Ensure that our information management and communications systems comply with privacy laws and industry standards.
- Support our comprehensive information security program with administrative and technical safeguards to protect the integrity of customer data.
- Enable access to customer data via technologically advanced systems using secure and encrypted virtual machine architecture.
- Conduct periodic audits to evaluate the performance of system configurations and mitigate any potential security threats.
Privacy + Security
WorkCare meets or exceeds best practices with regard to the safe use, storage and transmission of company and personal health data. In addition to SOC 2 (see below), we comply with privacy and security provisions set forth by the Health Insurance Portability and Accountability Act, General Data Protection Regulation, National Institute of Standards and Technology, Health Information Trust Alliance and other applicable standards and organizations.
Personal Protection
We respect employees’ privacy. We collect personal data only if required to provide our services and/or comply with applicable laws and regulations. WorkCare may disclose information to partners who are contractually obligated to treat these data as confidential and private, and securely process information only for the specified purpose.
Data Storage
All WorkCare data is stored in a SOC 3 Certified, Tier 5 Platinum-rated data center. Access is enabled via secure and encrypted virtual machine architecture.
Audits
Periodic audits are conducted to ensure configurations are working properly and that security threats are sufficiently mitigated by the IT Department.
SOC 2 Security and Availability Assurance
WorkCare has successfully completed a rigorous Systems and Organization Control (SOC 2) examination. The SOC 2 exam process demonstrates compliance with security and availability criteria that apply to customers’ (user entities’) operations, regulatory and financial reporting requirements. An independent CPA firm conducted a systems and control review from Dec 1 2023 to Nov 30 2024. The following five SOC 2 criteria set forth by the American Institute of Certified Public Accountants (AICPA) were applied:
- Security: Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to meet its objectives.
- Availability: Information and systems are available for operation and use to meet the entity’s objectives.
- Processing integrity: System processing is complete, valid, accurate, timely and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected to meet to meet the entity’s objectives.
- Privacy: Personal information is collected, used, retain, disclosed, and disposed to meet the entity’s objectives.
As reported by the independent CPA, the SOC 2 examination results provide “reasonable assurance” that WorkCare meets these criteria.
Health Insurance Portability and
Accountability Act (HIPAA)
HIPAA Privacy
Practices Notice
WorkCare administers and may provide health care services to you and your employer. This notice describes how medical information about you may be used and disclosed, and how you can get access to this information.
HIPAA-Privacy-Practices-Notice
Business Associate Subcontractor Agreement
This Business Associate Subcontractor Agreement governs the relationship between WorkCare, Inc., and any of its independent contractors who are Subcontractors under terms of the Health Insurance Portability and Accountability Act of 1996.
Business Associate Agreement Subcontractors
Health Insurance Portability and Accountability Act in the Workplace
This WorkCare Fact Sheet describes key privacy and security provisions of HIPAA and its association with workers’ compensation and workplace wellness programs.
ADA, HIPAA and COVID-19
WorkCare Privacy Practices
WorkCare Privacy
Policy
This policy relates to information collected by WorkCare, Inc., through your use of our website and information we may receive from you through other means, including personally identifiable and non-personally identifying information. If you are located in California, please refer to our California Consumer Privacy Act (CPPA) Addendum. If you are located in the European Economic Area or United Kingdom, please refer to our General Data Protection Regulation Addendum (GDPR).
WorkCare Privacy Policy
WorkCare Privacy Policy –
General Data Protection
Regulation Addendum
This General Data Protection Regulation Addendum supplements the WorkCare Privacy Policy. These additional disclosures are required by the General Data Protection Regulation (GDPR) and are intended for individuals located in the European Economic Area or United Kingdom.
WorkCare GDPR Addendum
Work Care Privacy Policy –
California Consumer Privacy Act
Addendum
This California Consumer Privacy Act Addendum supplements the WorkCare Privacy Policy. These additional disclosures are required by the California Consumer Privacy Act of 2018 (CCPA).
WorkCare CCPA Addendum
Personal Information Protection
and Electronic Documents Act
(PIPEDA) – Canada
PIPEDA provides safeguards to protect the privacy of employees in Canada. This is an abbreviated version. To view the complete text, visit the Office of the Commissioner of Canada website.
PIPEDA Policy and Consent Form
WorkCare Privacy Policy –
Alberta and Ontario
This notice describes privacy rights under the Personal Health Information Protection Act or comparable personal information protection laws in an employee’s province of employment.
WorkCare Privacy Policy Alberta Ontario
WorkCare Privacy Policy – Quebec English
This notice describes privacy rights under the Personal Health Information Protection Act and the Quebec Act Respecting the Protection of Personal Information in the Private Sector.
WorkCare CCPA Addendum
WorkCare Privacy Policy –
Quebec French
This notice describes privacy rights under the Personal Health Information Protection Act and the Quebec Act Respecting the Protection of Personal Information in the Private Sector.
WorkCare Privacy Policy Quebec French
Elevate Workplace
Wellness Today
At WorkCare, we value your workforce as much as you do. That’s why we help protect and empower employees with solutions that are proven to:
- Reduce OSHA recordables
- Reduce days away, restricted or transferred cases (DART) rates
- Reduce workers’ compensation spends
- Reduce total recordable incident rates (TRIR)
Find out how to get the right care, at the right time in the right setting.
