Security

Last updated: April 30, 2026

Thank you for trusting Frontier HSA with your company, employee, claim, and payment information. We take that responsibility seriously and design our systems and internal processes around protecting the data needed to administer Health Spending Accounts.

Frontier HSA uses managed cloud services, encrypted connections, role-based access controls, application-level encryption for sensitive bank details, and careful development practices to reduce the risk of unauthorized access, disclosure, misuse, or loss of data.

Security at Frontier HSA is a shared responsibility across our product, engineering, and operations work.

Vulnerability Disclosure

If you believe you have found a security vulnerability in Frontier HSA, please contact security@frontierhsa.ca with "Security disclosure" in the subject line.

To help us investigate quickly, please include:

  • a clear description of the issue;
  • steps to reproduce it;
  • the affected URL, account flow, or API endpoint;
  • any proof of concept, screenshots, tool output, or logs that are safe to share; and
  • your contact information for follow-up.

If we receive a security disclosure, we will work to reproduce the issue, assess its impact, prioritize remediation, and follow up with the reporter when appropriate.

Privacy and Compliance

Frontier HSA handles personal information in accordance with our Privacy Policy, the Personal Information Protection and Electronic Documents Act (PIPEDA), and applicable Canadian privacy requirements.

We collect and retain information needed to establish and administer HSA accounts, process and validate claims, facilitate payments and reimbursements, meet tax and legal obligations, prevent fraud and abuse, and support customers. We do not sell personal information.

For privacy requests or concerns about personal information, contact our Privacy Officer at privacy@frontierhsa.ca.

Infrastructure and Network Security

Frontier HSA runs on managed cloud infrastructure. We rely on cloud providers for physical data centre security, infrastructure availability, and baseline platform controls. Frontier HSA employees do not have physical access to cloud provider data centres, servers, network equipment, or storage systems.

All production services are served over HTTPS. Data sent between the Frontier HSA web app, API, and user browsers is encrypted in transit using TLS.

The public website also applies a Content Security Policy that limits which sources can load scripts, images, fonts, frames, and network connections. This reduces the risk of unauthorized third-party content running on Frontier HSA pages.

Logical Access Control

Frontier HSA uses secure account authentication and session management. Users can sign in with supported authentication methods such as email magic links and Google sign-in.

Access inside the application is scoped by role and company membership:

  • employees can access their own profile, claims, dependants, reimbursement information, and notifications;
  • company administrators can manage company settings, benefit classes, employees, plan dates, and reporting for their organization.

Company administrators cannot adjudicate employee medical claims through the normal company admin interface. Claim review tools are separated into Frontier HSA internal workflows with additional authorization checks.

Data Protection

Frontier HSA limits sensitive data collection to information needed to operate the HSA service. This can include names, contact details, company information, claim information, receipts, dependant information, bank account details for reimbursement, and records needed for tax and compliance purposes.

Sensitive bank account fields are encrypted at the application layer before they are stored in the database. Encryption keys are provided through production environment secrets and are not stored in the source code.

Frontier HSA databases are encrypted at rest using AES-256 encryption. We also perform daily database backups to support recovery in the event of data loss, corruption, or operational failure.

Claim receipts and supporting documents are stored in managed cloud storage. Access to receipt metadata and claim records is controlled by application authorization checks.

Application logs are designed to avoid exposing high-risk secrets. Magic-link tokens, invitation tokens, account numbers, routing numbers, document contents, receipt contents, and similar sensitive values are redacted or hashed before being written to logs in the code paths where those values may appear.

Application Security

Frontier HSA validates API inputs before business logic runs, and protected API procedures require an authenticated session before returning account or claim data.

Our claim submission flow validates claim amounts, service dates, plan dates, company membership, annual limits, and supported file types before storing claim records and starting payment workflows.

Code changes are reviewed through our development workflow and checked by automated linting, formatting, and type-checking in CI. Higher-risk product flows, including authentication, claims, employee administration, super-admin workflows, and settings, also have end-to-end test coverage that can be run before release.

Penetration Testing

Frontier HSA conducts penetration testing annually across our production application surface, including the web app, API, infrastructure, and core operational workflows. Findings from penetration testing are reviewed, prioritized based on risk, and used to guide remediation work.

Workflow and Payment Operations

Frontier HSA uses workflow orchestration to manage claim, funding, payout, coverage, and information-request workflows. This helps keep multi-step operations traceable and resilient, especially when a claim requires review, funding, reimbursement, or additional documentation.

Payment and accounting operations use specialized third-party services where needed. We share only the information needed for the relevant operational purpose, such as creating invoices, facilitating transfers, sending service emails, or processing support workflows.

Subprocessors

Frontier HSA uses subprocessors to operate the service. Depending on the feature used, these providers may process account, payment, claim, communication, hosting, deployment, or support data needed to provide Frontier HSA.

We review providers before using them for Frontier HSA operations and update this list when our subprocessor usage materially changes.

Subprocessor    Purpose
Wave            Accounting and invoicing
Resend          Transactional email delivery
Railway         Application hosting and infrastructure
Wise            Reimbursement and payment transfers
Expo Cloud      Application builds, deployment, and hosting

Monitoring and Incident Response

If Frontier HSA becomes aware of a privacy breach that creates a real risk of significant harm, we will follow the breach response commitments described in our Privacy Policy, including notifying affected individuals and appropriate authorities where required.

Data Retention and Removal

Frontier HSA retains personal information only as long as needed for the purposes for which it was collected or as required by law. HSA claim and tax records may need to be retained for legal, tax, and audit purposes after a customer stops using the service.

When information is no longer needed and no legal or contractual retention requirement applies, we securely dispose of it in accordance with our privacy practices.

To request removal of personal information, email privacy@frontierhsa.ca. Some records may need to be retained where legal, tax, contractual, or audit requirements apply.

Security Updates

Security is an ongoing process. We review our technical controls, privacy practices, and operational workflows as the product evolves, and we update this page when our practices materially change.