How HarmonyCare handles, stores, and protects the data entrusted to us by care providers and the people they serve.
We collect only the data necessary for care operations. We never sell data. We never use clinical data for advertising or profiling.
Harmony is designed with awareness of HIPAA (US), PIPEDA and Loi 25 (Canada), GDPR (UK/EU), and the Australian Privacy Act. Data handling adapts to the regulatory requirements of each jurisdiction.
Data is stored in the region closest to the provider: US (us-east-1), Canada (ca-central-1), UK (eu-west-2), Australia (ap-southeast-2). Cross-border transfers are minimized and documented.
Configurable retention policies by data type. Clinical records follow jurisdiction-specific retention requirements (typically 7+ years). Deletion requests are processed with audit trail preservation.
In the event of a data breach, affected organizations are notified within the timeframes required by applicable law. A documented breach response plan governs all notification procedures.
All third-party processors are evaluated for security and privacy compliance. Data processing agreements are in place with all sub-processors.
For privacy inquiries, data subject requests, or to report a concern, contact our privacy team at privacy@harmonycare.com.
Get started
Book a 15-minute personalized walkthrough. See how Harmony fits your operation, your jurisdiction, your shift patterns.
