Hint Health Obtains SOC2 Type 1 & ISO27001 Security Compliance Certifications
How secure is your practice’s data? Surprisingly, for many software vendors in the nascent direct care technology market, investing in data security and privacy compliance are either not a priority or not possible—putting patients and practices at serious risk.
The threat is real. According to HIPAA Journal’s reporting on IBM’s 2020 Cost of Data Breach Report, “Healthcare registered the highest number of data breaches of any industry sector between January and October 2020, accounting for almost a quarter (24.5%) of all reported data breaches, ahead of technology (15.5%), education (13%), and the government (12.5%)”.
In 2020, the average cost of a data security breach in US healthcare rose to $8.6M.
Hackers and scammers are constantly targeting healthcare businesses to steal sensitive information including credit cards, bank account information, PHI, health records, usernames, passwords, and more. For practices that have direct financial relationships with patients and employers, such as those operating direct-to-consumer and direct-to-employer models like direct primary care, onsite/nearsite, and advanced primary care, the fallout of a data breach could be existential.
Hint handles sensitive financial and patient information every day, but in a competitive market Hint stands alone in how we respect and protect customer data. For Hint customers, your data is now safer than ever because we’ve obtained new SOC2 Type 1 and ISO27001 security compliance certifications through a rigorous months-long process that included multiple independent security audits. These hard-to-get certifications should give our customers the confidence and peace of mind that Hint’s procedures, technology, and employees will always follow leading best practices for data privacy and security.
“These new certifications show our commitment to proactively protecting not just our customers’ data but their reputations as well.”
VuDang Tran, Head of IT Security at Hint Health
We’re currently pursuing the even more stringent SOC2 Type 2 certification, and we will continue to implement best practices to ensure that we are building-in information security to our products and processes.