Information Security at HEADCHECK

Over 3,500 organizations worldwide trust HEADCHECK to keep their data safe and secure.

Security-First Approach

At HEADCHECK, safeguarding your privacy is our top priority. We are fully committed to our responsibilities concerning the collection and processing of user data. To ensure your confidentiality, HEADCHECK strictly limits the Personally Identifiable Information (PII) we gather to only the essential details required for providing our services.

Your Data, Your Trust

Rest assured that all data collected by HEADCHECK is handled with the utmost confidentiality, following the standards set forth by HIPAA and PIPEDA. We employ industry-standard technical and physical controls to secure your information. Your data is encrypted on devices, during transit to our servers, and while at rest on our secure servers located in the Amazon Web Services Data Center in Montreal.

Continuous Training for Our Team

Our dedicated team members undergo comprehensive privacy and confidentiality training at the onset of their employment with HEADCHECK. This training covers the various legal requirements that we diligently adhere to. To stay current, our employees receive annual refresher training sessions, ensuring that they are always up-to-date with the latest privacy laws and regulations.

Vigilant Data Security Measures

HEADCHECK implements rigorous controls and processes to promptly detect and handle any unauthorized attempts to access your data. We employ robust encryption technology to protect your data, both when it is at rest and during transit. As part of our commitment to your security, we support strong authentication practices, offering options like two-factor authentication to our valued customers.

Continued Commitment To Security

In 2023, HEADCHECK completed a Service Organization Control (SOC) 2 Type II audit, an attestation examination conducted by external auditors, which requires meeting specific principles defined by the AICPA. This demonstrates that HEADCHECK has met the AICPA auditable trust services principles (security and confidentiality), one of the most stringent international standards for security, availability, processing integrity, confidentiality and privacy. Our commitment to SOC2 is ongoing and audits are performed on an annual basis. Additional data security information is available upon request in our Security DataSheet.