Care Carry maintains the highest standards of regulatory compliance and security to protect your data. We adhere to Canadian privacy laws including PIPEDA, healthcare data protection standards, and accessibility guidelines while implementing robust security measures and regular auditing practices.
Compliance Overview
Care Carry operates under strict regulatory compliance to ensure the protection of personal information, healthcare data, and financial records. Our compliance program is designed to meet Canadian privacy laws, healthcare regulations, and accessibility standards while maintaining the highest security practices.
We maintain active certifications and undergo regular audits to ensure continuous compliance with evolving regulatory requirements.
PIPEDA Compliance
We fully comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), implementing all ten fair information principles including accountability, consent, and safeguards for personal information.
Our Privacy Officer oversees all data handling practices and ensures that personal information is collected, used, and disclosed only for identified purposes with appropriate consent.
CRA Tax Compliance
We fully comply with Canada Revenue Agency requirements, including automated T4 slip generation, tax withholding calculations, and proper reporting of caregiver earnings for tax purposes.
We maintain detailed records for the required retention periods and provide comprehensive tax reporting tools to both families and caregivers to meet their CRA obligations.
Healthcare Data Protection
We comply with the Personal Health Information Protection Act (PHIPA) for handling personal health information, ensuring proper consent, security safeguards, and access controls for all healthcare-related data.
Healthcare information is processed with enhanced security measures and is only accessible to authorized personnel on a need-to-know basis.
Data Security & Encryption
All data is encrypted in transit and at rest using AES-256 encryption standards. We implement role-based access controls with multi-factor authentication for all sensitive operations.
Regular security audits, penetration testing, and vulnerability assessments ensure our security posture remains robust against evolving threats.
Accessibility Standards
Our platform meets Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards, ensuring accessibility for users with disabilities including screen reader support, keyboard navigation, and proper color contrast ratios.
We are working towards full compliance with the Accessibility for Ontarians with Disabilities Act (AODA) to ensure our platform serves all users effectively.
Auditing & Monitoring
We conduct quarterly internal compliance audits and annual third-party security assessments to validate our compliance posture and identify areas for improvement.
Continuous monitoring and logging of all system activities, along with regular penetration testing and vulnerability assessments, ensure ongoing security and compliance.
Certifications & Standards
We maintain active certifications for PIPEDA compliance and WCAG 2.1 AA accessibility standards. We are working towards ISO 27001 certification for information security management.
All certifications are regularly reviewed and updated to ensure continued compliance with evolving standards and regulatory requirements.
Compliance Contact
Questions about our compliance practices can be directed to our Compliance Officer through the contact information provided below.
We are committed to transparency and will respond to all compliance-related inquiries promptly and thoroughly.