Information Technology & Security

The backbone of our company.

WorkCare has a dedicated Information Technology team. We commit extensive resources to ensure our information management systems and communications platforms are sound, secure and in compliance with state-of-the art technology and industry standards.

WorkLink

WorkLink is our proprietary case management system. The core framework features widely adopted Microsoft technologies. The platform accommodates a broad spectrum of applications. It also facilitates the addition of new features and functionality over time. Users access WorkLink via a password-protected web portal.

Privacy & Security

Ensuring the privacy and security of all client and employee data is of paramount importance. Our IT Department ensures that WorkCare meets or exceeds industry best practices with regard to the safe use, storage and transmission of company and personal health data. IT policies and procedures are monitored and updated to comply with the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), HITRUST, NIST and other IT security standards.

Personal Protection

We collect personal data only if required to provide our services and/or comply with applicable laws and regulations. WorkCare may disclose information to partners who are contractually obligated to treat these data as confidential and private, and securely process information only for the specified purpose.

Data Storage

All WorkCare data is stored in a SOC 3 Certified, Tier 5 Platinum-rated data center. Access is enabled via secure and encrypted virtual machine architecture.

Audits

Periodic audits are conducted to ensure configurations are working properly and that security threats are sufficiently mitigated by the IT Department.

We're HITRUST-Certified

WorkCare has been awarded HITRUST certification for its protected health information data environments. We developed all supporting policies and procedures as recognized by an authorized HITRUST Alliance CSF Assessor.

Our HITRUST review covered 19 domains and their applicable control requirements:

  • Information Protection Program
  • Endpoint Protection
  • Portable Media Security
  • Mobile Device Security
  • Wireless Protection
  • Configuration Management
  • Vulnerability Management
  • Network Protection
  • Transmission Protection
  • Password Management
  • Access Control
  • Audit Logging & Monitoring
  • Education, Training & Awareness
  • Third Party Security
  • Incident Management
  • Business Continuity & Disaster Recovery
  • Risk Management
  • Physical & Environmental Security
  • Data Protection & Privacy

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA Privacy Practices Notice

WorkCare administers and may provide health care services to you and your employer. This notice describes how medical information about you may be used and disclosed, and how you can get access to this information.

Business Associate Subcontractor Agreement

This Business Associate Subcontractor Agreement governs the relationship between WorkCare, Inc., and any of its independent contractors who are Subcontractors under terms of the Health Insurance Portability and Accountability Act of 1996.

Health Insurance Portability and
Accountability Act in the Workplace

This WorkCare Fact Sheet describes key privacy and security provisions of HIPAA and its association with workers’ compensation and workplace wellness programs.

WorkCare Privacy Practices

WorkCare Privacy Policy

This policy relates to information collected by WorkCare, Inc., through your use of our website and information we may receive from you through other means, including personally identifiable and non-personally identifying information. If you are located in California, please refer to our California Consumer Privacy Act (CPPA) Addendum. If you are located in the European Economic Area or United Kingdom, please refer to our General Data Protection Regulation Addendum (GDPR).

WorkCare Privacy Policy –
General Data Protection Regulation Addendum

This General Data Protection Regulation Addendum supplements the WorkCare Privacy Policy. These additional disclosures are required by the General Data Protection Regulation (GDPR) and are intended for individuals located in the European Economic Area or United Kingdom.

Work Care Privacy Policy –
California Consumer Privacy Act Addendum

This California Consumer Privacy Act Addendum supplements the WorkCare Privacy Policy. These additional disclosures are required by the California Consumer Privacy Act of 2018 (CCPA).