We strive to give customers the peace of mind that patient, member, and customer data is protected while ensuring personalized digital engagement is happening safely and securely. Our commitment to security and compliance enables you to maintain your reputation, protect customers, and stay ahead of the competition.
Trust is a core pillar of our platform, putting us at the forefront of digital marketing and CRM tools built for healthcare. We will continue to deliver on our mission to bring care full circle while ensuring you and your patients are protected.
These compliance acronyms may sound the same, but essential distinctions exist. The Health Insurance Portability and Accountability Act (HIPAA) details compliance standards, while the Health Information Trust Alliance (HITRUST) is a workable framework and organization that helps you achieve compliance. At Cured, we follow the highest standards and ensure we are HITRUST-compliant and HIPAA-eligible.
Several vendors claim HIPAA eligibility. However, it is important to note no single third party verifies HIPAA compliance. Companies self-identify HIPAA eligibility, meaning you must take their word for it. Their ability to sign a Business Associate’s Agreement with you does not necessarily mean they allow you to store, manage, or use PHI in their platforms. HITRUST certification allows Cured to confidently store PHI and enable our customers to use it appropriately for their needs.
Cured’s platform is HITRUST certified. This certification verifies our compliance with the most rigorous healthcare security standards.
HITRUST is a third-party organization that delivers data protection standards and certification programs to help organizations safeguard sensitive information, manage information risk, and reach compliance goals. HITRUST is a healthcare-specific certification that verifies a company uses the strictest requirements when handling high-risk data.
Cured adheres to the Health Insurance Portability and Accountability Act (HIPAA) to provide secure communication and storage of patient data.
HIPAA sets standards for patient data and protecting PHI. The HIPAA privacy and security rules are national regulations for the use, disclosure, and protection of PHI. These regulations establish safeguards for compliance and technical requirements.
Cured will enter into business associate agreements (BAAs) with relevant partners and customers to ensure HIPAA requirements are satisfied and create liability between parties.
Cured is SOC 2 Type 1 and Type 2 certified. This certification ensures service providers securely manage your data to protect your organization's interests and its clients' privacy.
SOC 2 compliance is a component of the American Institute of Certified Public Accountants (AICPA)’s Service Organization Control reporting platform. These certifications ensure systems are set up for security, availability, processing integrity, confidentiality, and customer data privacy. SOC 2 is a technical audit and requirement that comprehensive information security policies and procedures be written and followed.