At Healthy.io, security, data, scalability and performance are the lifeblood of our clinical-grade and regulated services. We work hard to earn your trust while implementing our state-of-the-art, real-time infrastructure.
Our advanced security and data protection, independent certifications, and global regulatory compliance have earned the trust of the world’s leading healthcare organizations, such as the National Kidney Foundation, NHS England, and Clalit. We tailor the highest level security processes and practices across all business units to help you achieve your goals. The confidence of your users is important to us, and with that in mind, our staff includes a full-time, in-house Information Security Director and a growing, dedicated security team.
Our security practices are based on industry-leading standards such as ISO27001 and HITRUST, on which we are annually audited. Our transparency in relation to our security policies including our willingness to publish online, demonstrates our commitment to securing your information with the understanding of the wide range of services you can benefit from with Healthy.io. Information security policies and standards are approved by Healthy.io management and are available to all Healthy.io employees.
We keep your data secure, enabling us to perform duties in the security environments which protect your data with encryption, at rest and in transit. Healthy.io provides administrative and technical controls to enforce organization-wide protection, such as SAML SSO, and 2FA.
When it comes to privacy, Healthy.io has adopted Privacy by Design and Default principles and is committed to the protection of your personal data. Read more about Healthy.io privacy practices here.
Achieving compliance in the cloud is a shared responsibility. Healthy.io has implemented and tested controls that can help you meet your security, privacy and compliance needs. Learn how Healthy.io applies the various regulatory and industry standards.
The Healthy.io applications and services to which you are accustomed are based on our reliable, secure, and specialized architecture which ensures the high availability of your applications and data.
Compliance Certifications, Standards, and Regulations
Healthy.io provides third-party attestations, certifications, security reports and other relevant compliance reports directly to our customers under NDA. The ISO/IEC 27001:2013 certification can be downloaded from Healthy.io Trust Center.
Healthy.io control environment is subject to regular internal and external audits and risk assessments. Healthy.io engages with external certifying bodies and independent auditors to review and test the overall Healthy.io control environment.