Security & compliance
Healthcare-grade security without the friction.
CareForce is engineered to protect sensitive workforce and participant data while keeping your operations inspection-ready.
Healthcare-grade foundation
Sensitive data is encrypted in transit and at rest. Administrative, technical, and physical safeguards align with industry standards. Clinical/medical data features will launch with appropriate safeguards.
Electronic signature compliance
Digital document workflows comply with ESIGN and UETA. Every signature captures intent, identity, and full audit trails for regulators.
Privacy by design
CareForce is GDPR and CCPA ready with data processing agreements, configurable retention policies, and rights management for data subjects.
Operational controls
- Role-based access control with granular permissions and MFA.
- Continuous monitoring, logging, and alerting for platform activity.
- Least-privilege access policies across infrastructure and support.
- Redundant backups and disaster recovery aligned with recovery-time objectives.
- Vendor diligence, SOC reports, and BAAs with key service partners.
Audit-ready histories
Every action—document signature, credential update, policy acknowledgement—is captured with user, timestamp, and device metadata.
Secure integrations
All external connections (EVV, payroll, HRIS, background checks) leverage encrypted channels and signed API requests.
Dedicated support
Our compliance and security team is available for risk assessments, vendor questionnaires, and regulatory reviews.
Need documentation?
We’re ready to support your security review.
Request our latest policies, penetration testing summaries, and enterprise security packet to streamline procurement.