Legal

User Verification

Last updated: May 27, 2026. The identity verification, background-check, and credential workflows the Service supports — and what remains the Customer's responsibility.

This page describes the workflows that WAVE TECHNOLOGIES LLC (the "Company") makes available through the CareWave platform (the "Service") to support Customer's verification of its End Users. The Service is a tool. The Customer remains the responsible party for hiring decisions, background-check execution, and compliance with state caregiver registry and licensure requirements.

1. Roles

  • Customer. The home-care, staffing, or healthcare organization that subscribes to the Service and is the employer or contracting party of its caregivers.
  • End User. The caregiver, staff member, administrator, or other individual authorized by Customer to access the Service.
  • Company. The operator of the Service.

2. Identity Verification

The Service requires every End User to authenticate to a unique account tied to a verified identifier. Standard verification steps include:

  • verification of an email address or mobile phone number by code;
  • Customer-side invitation, which binds the End User account to the Customer's organization;
  • optional document upload for identity artifacts (for example, state-issued identification, driver license, or work authorization documents), which Customer can review within the Service; and
  • role-based access controls that determine what data and features the End User may access.

The Company does not, at this time, operate an independent identity-proofing service (such as NIST 800-63 IAL2 proofing). Customer is responsible for making hiring and access determinations based on the artifacts End Users upload and on its own due diligence.

3. Background Checks

Background-check obligations vary by state, by service line, and by payer. Examples of typical obligations include criminal history checks, fingerprint-based checks, state child- and vulnerable-adult-abuse registry checks, sex-offender registry checks, the federal OIG List of Excluded Individuals/Entities, and the federal System for Award Management.

The Service does not perform background checks. Customer is responsible for selecting a Consumer Reporting Agency, obtaining the required candidate disclosures and authorizations under the federal Fair Credit Reporting Act and applicable state law, performing the check, and acting on adverse information consistent with applicable law. Where the Service offers integrations or document upload for background-check artifacts, those artifacts are stored consistent with the Privacy Policy and, where they contain PHI, with the executed Business Associate Agreement.

The Service supports re-check cadences by tracking expiration of background-check artifacts and prompting Customer to renew them. Customer remains responsible for executing the renewal and for maintaining records sufficient to demonstrate compliance to regulators.

4. Caregiver Registries

Many states maintain caregiver registries that home-care agencies must check before employing a caregiver, and many maintain abuse-and-neglect registries that must be checked concurrently. Examples include state Nurse Aide Registries, state Home Care Aide Registries, and state Abuse and Neglect Registries. The Company does not maintain a connection to any registry. Customer is responsible for performing the lookups, recording the result in the Service or in its records, and re-checking on the cadence required by applicable law.

5. Training and Credential Records

The Service supports tracking of:

  • certifications (for example, CPR, CNA, HHA, Med Tech), including issuing authority, certification number, and expiration date;
  • training hours by category (for example, annual in-service hours, infection control, abuse prevention, dementia care);
  • license, vehicle insurance, and vehicle registration records where caregivers drive in the course of their duties; and
  • periodic competency evaluations recorded by a supervisor.

Customer is responsible for ensuring that the credential records in the Service reflect the End User's actual credentials and training. Misrepresentation of credentials by an End User is a basis for termination of the End User's account by the Company and may be reported to applicable state authorities by Customer as required by law.

6. End User Acknowledgments

By accessing the Service, each End User acknowledges and agrees that:

  • the End User will submit accurate identity, credential, and training information;
  • the End User authorizes Customer to verify the information submitted, including against state registries and third-party Consumer Reporting Agencies;
  • misrepresentation of identity or credentials is grounds for immediate termination of the End User's account and may be reported to applicable registries and licensing boards;
  • location data captured at clock-in and clock-out events is used by Customer for visit verification and may be transmitted to state EVV aggregators consistent with state law; and
  • voice notes, photos, and other artifacts the End User contributes through the Service are processed in accordance with the Privacy Policy.

7. Right to Refuse Service

The Company reserves the right to suspend or terminate the account of any End User who:

  • fails an identity or credential verification step;
  • attempts to circumvent the Service's verification workflows, including by spoofing location, sharing credentials, or fabricating credential artifacts;
  • has been reported by Customer to the Company as having engaged in conduct inconsistent with the Service's acceptable use; or
  • is the subject of a credible report of abuse, neglect, or exploitation that is referred to the Company through the channels described in this policy.

Suspensions and terminations under this Section are at the Company's reasonable discretion and are not subject to appeal except by Customer's written request through hello@carewave.us.

8. End User Data Rights

End Users may request access, correction, or deletion of the verification data the Service stores about them by emailing hello@carewave.us. The Company will respond consistent with the Privacy Policy and with applicable law, including any retention requirements imposed on Customer by state law (for example, retention of caregiver records for the period required by the state's home-care licensure rules).

For employment-related background-check records governed by the Fair Credit Reporting Act, End Users should also direct requests to Customer, which holds the employer-side rights and obligations.

9. Reporting Misconduct

Anyone with information about credential misrepresentation, registry violations, or other End User misconduct on the Service may report it to hello@carewave.us. Reports may be submitted anonymously. The Company does not retaliate against good-faith reporters. Reports concerning suspected abuse, neglect, or exploitation should also be made directly to the Customer and to the appropriate state authority.

Contact Us

For questions about User Verification on CareWave, contact us by email at hello@carewave.us.