Worthy AI Trust Center
Worthy AI is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.
Compliance
Resources
Change Management Policy
Business Continuity and Disaster Recovery
Incident Response Policy
HIPAA Internal Privacy Policy
Access Control and Termination Policy
Controls
Password rules enforced
Secure, unique authentication required for infrastructure access
Quarterly user access reviews performed
Firewall access restricted
Source code access restricted and changes logged
Data encrypted at rest
Encryption in transit over public networks
Secure disposal of electronic media containing sensitive data (PII, ePHI, etc.)
Customer data deleted after termination
Data Retention and Secure Deletion Policies
Secure connection means utilized
External Attack Surface Vulnerability Scanning & Remediation
Web application firewalls configuration
Source code changes tested and approved
Documented secure development and emergency change procedures
Anti-malware monitoring
Intrusion detection tool
Automated system capacity and performance monitoring
Centralized Log Collection and Monitoring
Business continuity plans ensure emergency functionality
Business continuity & disaster recovery plans documented and tested
Security incident logging and review
HIPAA Incident Response Policy and Procedures
Incident response procedures documented
Visitor sign-in, badging, and escort policy
Documented HIPAA Security Rule policy acknowledgment
Downstream compliance requirements with contractors enforced
Technology assets inventoried
Annual risk assessments performed
Documented Vendor Management Program
Confidentiality Agreement acknowledged by employees
Background checks performed on employees
Security awareness training implemented
Whisteblower mechanism maintained
Information security policies and procedures
Patch management process developed
Removable Media Use Restricted and Encrypted
Mobile Device Management (MDM) and BYOT
Production system hardening and baseline configuration management