Data & Privacy

At InjuryRight.com, keeping your information secure is a top priority for us, and we are committed to the security and privacy of our users. This means we're always working hard to safeguard your data and continually earn your trust. If you have questions regarding security, we are happy to answer them. Please write to Privacy@injuryright.com and we will respond as quickly as we can.

We place strict controls over our employees' access to user data, and have technical controls and audit policies in place to ensure the confidentiality, integrity, and availability of user data. Our employees and contracted personnel working with any user data are bound to our policies, and we treat these issues as matters of the highest importance.

Everyone at InjuryRight.com receives regular training to ensure that we remain focused on privacy and security. This includes privacy training that covers the protection of sensitive client information, including any health-related data provided by clients in personal injury cases, and compliance with applicable state and federal privacy laws. We also ensure that our employees receive annual data security training, regardless of their role in the company.

We employ industry-standard technology to safeguard data. Our platform uses full volume encryption on all data stored at rest, with secure backups and robust backup policies. We also use Transport Layer Security (TLS) connections to transmit data over HTTPS, ensuring your information is protected both in transit and at rest.

In addition to sophisticated system monitoring and logging, we utilize robust administrative identity, authorization, accountability, and authentication controls (including multi-factor authentication), as well as intrusion prevention and detection controls to protect our platform from unauthorized access and cyber threats.

We have a vulnerability management policy that covers internal and external testing, including annual third-party penetration testing, to find and remediate vulnerabilities that may present a risk to our platform or data. Our security team continuously monitors for new threats and implements patches and updates promptly.

InjuryRight operates an extensive security information and events management system. InjuryRight maintains a centralized logging environment, which contains events pertaining to security, monitoring, availability, access, and other metrics about the platform. We review our logging and monitoring systems regularly and respond promptly to automatic alerts.

InjuryRight has incident management policies and procedures in place in the event of a security breach. This includes notifying users of any unauthorized access to their data in the event of a breach as defined under relevant state laws. Our incident response team is trained to act quickly and effectively to minimize any potential impact.

New features, functionality, and design changes go through a security review process facilitated by the InjuryRight development team. We utilize automated static analysis software, and our teams manually peer-review code prior to being deployed to production. The Information Security team works closely with development teams to resolve any security concerns that may arise during development.

InjuryRight operates a vendor management program, which requires our Legal and Information Security Teams to evaluate all third-party vendors, service providers, and partners. We review each potential service provider to ensure that our vendors continue to meet InjuryRight's strict security and legal standards before granting them access to any user data.

We maintain a disaster recovery plan that supports a robust business continuity strategy. This plan has been developed to meet industry-standard methodologies and principles of high-availability engineering. Our systems are designed with redundancy and failover capabilities to ensure your data remains accessible and protected.

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. You have the right to request deletion of your personal data, subject to certain legal exceptions. To request deletion of your data, please contact Privacy@injuryright.com.

Depending on your location, you may have certain rights regarding your personal information, including the right to access, correct, or delete your data. California residents have additional rights under the CCPA, including the right to know what personal information we collect and the right to opt out of the sale of personal information. We do not sell your personal information.

We use cookies and similar tracking technologies to improve your experience on our platform, analyze usage patterns, and deliver personalized content. You can control cookie preferences through your browser settings. Essential cookies are required for the platform to function properly, while analytics and marketing cookies can be disabled.