DATA & SECURITY OVERVIEW

Last Updated: September 2022

Our Approach to Data Privacy and Security
The safety of personal data is top of mind. It's our priority to keep our client's healthcare plan information safe and secure.
Below is a summary only and we encourage you to read the full Privacy Policy.
 
Client-Owned Data
Our clients own their healthcare plans and related information, our part is to ensure this is kept confidential.
You own the data you enter into TutelaCare's healthcare planning tool. You are able to update, edit, and delete information as you see fit and have 24/7 access at your fingertips. Only you choose who you share this information with including health professionals or family and loved ones. We do not share this information, nor do we disclose any information to marketers.
An individual's Healthcare Plan is only accessible or viewable by logging in using that individual's login credentials. TutelaCare administrators CANNOT access or view client Healthcare plans or login credentials.
 
Industry Best Practice
We use Industry Best Practices to keep healthcare information secure through controls and standards.
We meet or exceed FIPPA requirements and follow data security and privacy standards that align with HIPAA and PIPEDA guidelines. The infrastructure we use to store our client's healthcare plan information is wholly located in Canada and is implemented in accordance with provincial and federal privacy legislation including data sovereignty.
All personal data is transferred using Secure Sockets Layer (SSL) which is the standard technology for keeping internet connection secure and safeguarding any sensitive data that is being sent between systems. All merchant transactions are managed within one of the world leading credit card processing platforms thus we do not store any credit card information.
 
Privacy by Design
We follow Privacy by Design practices by taking a holistic approach to our product designs.
"Privacy by Design" means data protection through technology design which industry considers best adhered to when integrated at the time the technology is created. We follow Privacy by Design practices by enforcing privacy and security measures expected for health and all information. We also conduct regular privacy and security training for our employees.
In addition to using SSL for saving and retrieving personal data, by design all data that could identify an individual is also encrypted while stored in TutelaCare's platform. Our tool does not make use of third-party plug-ins to eliminate that security risk.
 
Read the full Privacy Policy