561-437-5964 Login
SCHEDULE A DEMO

Application Security

BACK TO TERMS AND CONDITIONS

Empower Group Care
Applies To: app.empowergroupcare.com and related SaaS services

Empower Group Care is committed to maintaining reasonable and appropriate safeguards designed to protect the confidentiality, integrity, and availability of information processed through our software platform. This page provides a high-level overview of the general security practices applicable to the Empower Group Care SaaS application and related services.

1. Scope

This Application Security page applies to the Empower Group Care software platform made available at app.empowergroupcare.com, related hosted application environments, and supporting operational systems used to deliver and maintain the service. It is intended to describe our general approach to protecting application data and service availability.

2. Security Program

Empower Group Care maintains a risk-based security program intended to identify, assess, manage, and reduce security risks relevant to our SaaS platform and business operations.

Our safeguards are designed to help protect information against unauthorized access, use, disclosure, alteration, or destruction. We review and evolve our security practices over time based on operational needs, changes to the platform, and the changing threat environment.

3. Access Control

Access to application systems and related data is limited to authorized individuals based on legitimate business need. Reasonable and appropriate access control measures may include:

  • unique user accounts
  • role-based or responsibility-based access restrictions
  • strong authentication requirements
  • multi-factor authentication for administrative or other higher-risk access where appropriate
  • periodic review of access rights
  • removal or adjustment of access when it is no longer required

Users are expected to maintain the confidentiality of their login credentials and use authorized systems responsibly.

4. Data Protection

Empower Group Care uses reasonable and appropriate safeguards intended to help protect data processed through the application.

Depending on the nature of the system and the data involved, safeguards may include:

  • encryption of data in transit using industry-standard protocols
  • encryption of data at rest where appropriate
  • logical access restrictions
  • backup and recovery practices
  • retention and deletion practices aligned with business, legal, contractual, and operational requirements

5. Application and Infrastructure Security

We maintain security practices intended to reduce risk across the lifecycle of the application and supporting systems. These practices may include:

  • controlled configuration and deployment processes
  • separation of development, testing, and production environments where practical
  • review and testing of changes before production release where appropriate
  • remediation of identified issues based on severity, risk, and operational impact
  • secure configuration and general hardening practices where appropriate

6. Vulnerability and Patch Management

Empower Group Care maintains processes intended to identify, evaluate, prioritize, and address vulnerabilities affecting the application and supporting systems.

These processes may include:

  • applying security updates and patches based on risk and applicability
  • monitoring relevant security advisories and vendor notifications
  • prioritizing remediation activities based on severity and business impact
  • implementing temporary or compensating safeguards where immediate remediation is not feasible

7. Logging and Monitoring

We maintain logging and monitoring practices intended to support service reliability, operational visibility, and security investigation.

Depending on the system and use case, this may include monitoring for:

  • authentication events
  • administrative actions
  • service errors and failures
  • suspicious or unauthorized activity
  • other security-relevant events

Access to logs is restricted as appropriate, and logs may be retained in accordance with operational, legal, or contractual requirements.

8. Incident Response

Empower Group Care maintains procedures intended to support the identification, investigation, containment, remediation, and recovery of suspected or confirmed security incidents affecting the application or related services.

Our response activities may include:

  • internal reporting and escalation
  • containment of affected systems or access
  • investigation and remediation
  • recovery and restoration activities
  • review of incidents to improve future prevention and response

Where appropriate, Empower Group Care may provide notice of certain incidents in accordance with applicable law and contractual obligations.

9. Business Continuity and Recovery

We maintain backup and recovery measures intended to support the continuity and restoration of critical application services and data following certain outages, failures, or security events.

Recovery approaches are based on system importance, operational requirements, and available resources.

10. Workforce Security and Awareness

Individuals with access to company systems or application data are expected to follow company security requirements and use company resources appropriately.

Security expectations may include:

  • protecting credentials and devices
  • using approved systems and services for company business
  • reporting suspicious activity or security concerns promptly
  • following applicable data handling and access procedures

Security awareness measures may be provided based on role, risk, and business need.

11. Third-Party Services

Empower Group Care may use third-party tools, platforms, infrastructure, or service providers to support the delivery, maintenance, security, and operation of the application.

We seek to use reasonable and appropriate measures to evaluate and manage third-party risk in a manner consistent with the nature of the services provided and the sensitivity of the data involved.

12. Confidentiality of Customer Data

Empower Group Care is committed to handling customer data in a manner consistent with applicable contractual commitments, published policies, and legal requirements.

We do not intentionally access customer data except as reasonably necessary to provide services, maintain the platform, respond to support requests, protect the security of our systems, comply with legal obligations, or as otherwise authorized.

13. Shared Responsibility

Security is a shared responsibility. While Empower Group Care maintains safeguards designed to protect the application and supporting systems under our control, customers are also responsible for managing user access appropriately, protecting credentials, using supported configurations, and maintaining the security of devices and environments they use to access the service.

14. Policy Maintenance

This Application Security page may be updated from time to time to reflect changes in our services, business operations, legal obligations, or security practices. The most current version will be posted on our website.

15. Contact Information

Questions regarding this Application Security page or security-related inquiries may be directed to:

Empower Group Care
Email: egcsecurity@empowergroupcare.com
Website: https://www.empowergroupcare.com/contact-us-header/

Last Updated: March 31, 2026