CipherHealth
Trust Center

Data Privacy & Security

The patient-facing operating system that protects your healthcare data.

At CipherHealth, your data privacy and security are our top priorities — which is why we foster a culture focused on safeguarding patient data. We continuously hold ourselves accountable to the highest security standards in the industry.

HITRUST CSF Certified

CipherHealth has achieved HITRUST CSF certification for the Evolve Platform, giving our customers the assurance that we meet their strict security standards. The HITRUST Common Security Framework (CSF) provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management.

HIPAA Compliance

CipherHealth is committed to protecting Protected Health Information (PHI) by complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We maintain administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of PHI. For more details, see our HIPAA Policy.

SOC 2 Type 2

CipherHealth has completed the Security Organization Control (SOC) 2 Type 2 certification process to evaluate our security, availability, and confidentiality protocols. This independent audit verifies that our controls are not only designed appropriately but are operating effectively over time.

TX-RAMP Level 2 Certification

CipherHealth has received TX-RAMP Level 2 Certification, which standardizes the approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies.

Our Security Practices

CipherHealth employs a defense-in-depth approach to security, including:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Regular penetration testing and vulnerability assessments
  • Continuous monitoring and logging of system activity
  • Role-based access controls and multi-factor authentication
  • Employee security awareness training and background checks
  • Incident response planning and business continuity procedures

Want to Learn More?

If you are looking for more information on our security and privacy readiness, please reach out to us at [email protected] or request a demo to speak with our team.