ISO 27001
Implemented
Implemented
ISO/IEC 27001 is the leading globally recognized information security standard. We have implemented an Information Security Management System and accompanying policies, procedures, and controls that align with ISO 27001 requirements, with formal certification on our business roadmap.
We maintain HIPAA-compliant policies and procedures for managing PHI/ePHI. As a Business Associate (not a covered entity), we execute Business Associate Agreements and comply with all applicable HIPAA requirements.
We adhere to CCPA privacy principles including data minimization, no sale of personal information, and honoring deletion requests although this is a voluntary choice for our business size.