Security & Privacy
With today’s health environment increasingly focused on the protection of ePHI, you can be assured that our services operate within a highly secure and controlled environment. To illustrate our commitment to effective operational controls, and to privacy and security best practices, we have undergone a Type 1 Service Organization Control (SOC) examination, have passed a HIPAA Risk Assessment conducted by HALOCK Security Labs, and run Qualys penetration tests routinely. Collectively, these provide assurance about the controls we implement to protect the privacy and security of users’ data.
SOC 1 Examination
HALOCK Security Labs HIPAA Risk Assessment
HALOCK conducted a HIPAA Risk Assessment that ensures HPN has the appropriate controls in place to mitigate the vulnerabilities and threats that may affect the security of ePHI. HALOCK also reviewed our internal HIPAA Risk Assessment that is conducted quarterly and ensured that it was accurate, thorough, and properly designed to assess potential risks and vulnerabilities.
Qualys Inc. Penetration Testing
We employ Qualys Penetration Testing to evaluate our IT systems and provide immediate visibility to any areas that may be vulnerable to the latest Internet threats and how to stay protected. This allows us to continuously secure our IT infrastructure and comply with internal policies and external regulations.