Security and Compliance
The security of our clients, our candidates, and our assessments is a top priority at Care Predictor. Hundreds of organizations trust Care Predictor to help them maximize their employees’ success.
Information Security
We protect your data through an in-depth cybersecurity strategy.
Compliance
Care Predictor is ISO 27001:2022 certified and compliant with all major global regulations.
Our approach is built on resiliency and zero-trust principles, and includes:
Federated services to manage user access and permissions
A Secure Software Development Lifecycle (SDLC), aligned with OWASP, including both DAST and SAST code reviews
A strict no BYOD (Bring Your Own Device) policy
Ongoing, organization-wide security training
We’ve adopted ISO 27001:2022 as our information security management system, reinforcing our commitment to safeguarding data—not just for compliance, but to exceed expectations in trust and protection.
End-to-End Security
The Care Predictor platform is hosted entirely on Amazon Web Services (AWS), which boasts robust built-in privacy features and provides end-to-end security. To learn more about AWS security and its features, head to https://aws.amazon.com/security/. AWS is SOC 2 Type 2 certified, meaning that it is regularly audited and tested to meet these high security standards.
Care Predictor customer data is hosted by AWS in secure data centers around the globe. AWS maintains an impressive number of reports, certifications, and third-party assessments to preserve their state-of-the-art data center security.

Data Security You Can Count On
Your data is stored in highly secure, globally distributed data centers with robust physical and digital safeguards to prevent unauthorized access—keeping your information safe around the clock.
Application Security
Our data ecosystem is continuously monitored to ensure security, uptime, and performance. We implement:
Automated security testing
Regular third-party penetration testing
Industry-standard encryption:
AES-256 encryption for data at rest
TLS encryption for data in transit
Two-Factor Authentication
Single Sign-On (SSO)
Technology You Can Trust
We invest in modern, scalable infrastructure to deliver a platform that is fast, reliable, and secure.
Scalability
Our cloud-native architecture supports elastic growth through:
Auto-scaling best practices
Serverless technology investments
Infrastructure that expands on demand—no matter the size or complexity of your data
Stability
We ensure reliability under pressure with:
End-to-end encryption
Redundant systems
Dynamic scaling that prevents service interruptions or downtime
End-to-End Security Culture
Beyond technical controls, every Care Predictor employee is trained and held accountable to rigorous security standards—reinforcing our commitment to data protection at every level.
Compliance
Care Predictor is compliant with the following regulations:

ISO 27001:2022
SOC 2
PCI-DSS 4.0
NIST Cybersecurity Framework
Privacy
Care Predictor embraces privacy from the ground up by building our products to adhere to design principles that better enable us to protect your data. Our approach to personally identifiable information is to collect only the minimal amount to provide our service.
We implement the following privacy principles:
Lawfulness, fairness, and transparency
Purpose limitation
Data minimization
Accuracy
Storage limitation
Integrity and confidentiality
Accountability
You can read our privacy policy here