Carer data treated like the clinical record it is.
CareComply was designed for regulated environments. We host in the UK, encrypt at rest, sign every export, and enforce security at the database layer — not just the application.
Protection at every layer.
Security is not an afterthought in CareComply — it is a design constraint. Here is how we protect the data you entrust to us.
ICO-registered
We are a registered data controller under UK GDPR and the Data Protection Act 2018.
UK data residency
All data is stored and processed in AWS eu-west-2 (London). Your data never leaves the UK.
Encryption at rest
AES-256 encryption on all stored data. TLS 1.2+ on all data in transit.
Tamper-evident exports
Every audit export is cryptographically signed with HMAC. Verifiable years later.
Row-level security
Database-level isolation. No query can access another organisation's data — enforced at the DB layer, not application layer.
Granular permissions
Every action is scoped to a role. Custom roles on Pro. Audit log records the identity behind every operation.
Every action. Tamper-evident. Verifiable.
The audit log records every event — who did it, when, from where, and what CQC key question it maps to. The log is append-only; no user, including an owner, can edit or delete entries.
- Immutable append-only log
- User identity + IP on every event
- CQC key question tagging
- Exportable as signed CSV or Excel
- HMAC-verified exports — independently verifiable
| Time | User | Action | CQC | Severity |
|---|---|---|---|---|
| 2m ago | imogen.reed@linden | Approved document · DBS check · Marcus Holloway | Safe | info |
| 14m ago | system | Sent automatic chase · Reference · Dr. Helen Whitfield | Safe | info |
| 1h ago | kola.adekoya@linden | Uploaded document · Right to Work · P. Subramanian | Effective | info |
| 3h ago | system | Expiry reminder sent · Manual Handling · H. Wójcik | Safe | warning |
| Yesterday | imogen.reed@linden | Rejected reference · Char. ref. · M. Holloway | Safe | warning |
| Yesterday | system | Audit export signed · carecomply-cqc-audit-linden.xlsx | Well-led | info |
Your data is yours. Always.
CareComply acts as a data processor for your tenant data and a data controller for our own operational data. A standard Data Processing Agreement (DPA) is available on request and pre-signed for Pro and Enterprise customers.
Sub-processors are limited to AWS (infrastructure), Stripe (billing), and Resend (transactional email). We do not sell or share your data with third parties.
If you cancel, you can export everything — every document, every audit log, every reference — before your account closes. Tenant data is permanently deleted within 30 days of confirmed cancellation.
Run a CQC-ready agency without the spreadsheet tax.
Move onboarding, document review, reference chasing, and inspection prep onto a single audited workspace. Live in a day, free for 14.