Privacy Policy

Effective Date: August, 2014

CorVel Corporation ("CorVel") has created this privacy statement in order to demonstrate our firm commitment to privacy. The following discloses our information gathering and dissemination practices for this website, (the "Site"), and the CorVel mobile applications in use during the service to our customers (the “Mobile Apps”).”.

Collection and Use of Information About Site Website Visits

We (and our authorized service providers) may collect, store and use:

(a) information about your visits to and use of this Site and the Mobile Apps; and

(b) information about any transactions carried out between you and us on or in relation to this Site and the Mobile Apps, including information relating to any purchases you make of our goods or services.  We do not maintain this information on an individually identifiable basis. The information is maintained on an aggregate basis.

We also may collect information about your computer and your visits to this Site such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. This information is maintained on an aggregate basis, not on an individually identifiable basis. We may use this information in the administration of this Site, to improve the Site’s usability, and for marketing purposes.  We may share your personal information with other business entities, in connection with the sale, assignment, merger or other transfer of all or a portion of CorVel’s business to such business entity.  We will require any such successor business entity to honor the terms of this privacy statement.


We use cookies on public facing websites. A cookie is a text file sent by a web server to a web browser, and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may send a cookie which may be stored by your browser on your computer’s hard drive. We may use the information we obtain from the cookie in the administration of this website, to improve the Site’s usability and for marketing purposes. We may also use that information to recognize your computer when you visit our Site, and to personalize our Site for you. Our advertisers may also send you cookies.

Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools[”],” “Internet Options[”],” “Privacy[”],” and selecting “Block all cookies” using the sliding selector.) This will, however, have a negative impact upon the usability of many websites, including this one.

Mobile App Privacy

The CareMC Mobile App, which permits users to view their claims and payment data, does not collect personal information of its users, except as necessary to support and service the Mobile App on behalf of our customer.   CorVel does not disclose personal information collected through the Mobile Apps with any third parties other than our authorized service providers.  CorVel recognizes that some of the data accessed through the CareMC Mobile App may be protected health information subject to the Health Insurance Portability and Accountability Act (“HIPAA”), and safeguards such information in accordance with applicable HIPAA privacy and security standards. 

Linking Sites

The Site contains links to other sites. CorVel is not responsible for the privacy practices or the content of such websites, including any sites that may indicate a special relationship or partnership with CorVel (such as co-branded pages or "powered by" or "in cooperation with" relationships). CorVel does not share information it gathers with other websites or any other entities or individuals unless such sharing is approved in advance by you. Other linked sites, however, may collect personal information from you that is not subject to CorVel's control. To ensure protection of your privacy, always review the privacy policy of the sites you may visit by linking from the Site. Please note that this privacy statement applies only to and websites that carry the brand, and not to other companies' or organizations' websites to which we link.


CorVel employs security measures utilizing industry-standard technology to protect the loss, misuse or alteration of personal information that you disclose through the Site or the Mobile Apps. Personal information is stored in a secured database and always sent via an encrypted Internet channel. Further public disclosure here of our security measures could aid those who might attempt to circumvent those security measures. As a member, if you have additional questions regarding security, please feel free to contact CorVel directly. To ensure that our employees comply with our privacy policies, we have developed a training program that provides all employees with the tools and knowledge to protect member privacy in all aspects of their work. Any employee who violates our privacy policies is subject to disciplinary action, including possible termination and civil and/or criminal prosecution. CorVel may disclose personal information in special cases when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the CorVel Agreement or may be causing injury to or interference with (either intentionally or unintentionally) CorVel's rights or property, other CorVel users, or anyone else that could be harmed by such activities. CorVel may disclose or access personal information when we believe in good faith that the law requires it and for administrative and other purposes that we deem necessary to maintain, service and improve our products and services.

Your Role in Protecting Your Privacy

Never share your CorVel password with anyone whom you don't want accessing your account. It is your sole responsibility to inform CorVel of any need to deactivate a password.

Response to “Do Not Track” Signals

Some Internet browsers include the ability to transmit “Do Not Track” signals.  Since uniform standards for “Do Not Track” signals have not yet been adopted, CorVel does not process or respond to “Do Not Track” signals.

Children's Privacy Protection

CorVel understands the importance of protecting children's privacy in the interactive online world.  The Site is not designed for, or intentionally targeted at, children 13 years of age or younger.  It is not our policy to intentionally collect or maintain information about anyone under the age of 13.  No one under the age of 13 should submit any personal information to CorVel and/or the Site or the Mobile Apps.

Notice Requirement under Texas HB300 (Texas Medical Records Privacy Law)

Because certain divisions of CorVel collect, maintain and electronically transmit protected health information, as that term is defined in Texas Health & Safety Code Section 181.006 (“PHI”), we are required by Texas law to notify individuals that their PHI is subject to electronic disclosure.  We note, however, that CorVel only uses and discloses PHI as permitted by its HIPAA covered entity customers.

Changes to the Privacy Statement

This privacy statement may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve.  We display an effective date on the policy in the upper right corner of this privacy statement so that it will be easier for you to know when there has been a change.  If we make any change to this privacy statement regarding use or disclosure of personal information, we will provide advance notice on this Site.  Please check this privacy statement periodically for changes.  Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice. Your use of the Site constitutes acceptance of the provisions of this privacy statement and your continued usage after such changes are posted constitutes acceptance of each revised policy statement. If you do not agree to the terms of this privacy statement or any revised privacy statement, please exit the Site immediately. If you have any questions about this privacy statement, the practices of the Site or the Mobile Apps, or your dealings with the Site, you can email at

Hosted in the United States and for US Visitors Only

This Site is hosted in the United States and is intended for United States visitors only. If you are outside of the United States, please note that you are transferring your data to the United States and by providing your information, you consent to that transfer. You also are consenting to the processing of your information in the United States as provided in this Policy.