Hint Health Security

Hint Health is committed to keeping customer and patient data private and secure. We keep your data safe so that you can focus on providing care.

Security Factors

  • Data Center Security: Hint Health runs in highly secure data centers. Our hosting providers are regularly audited against comprehensive frameworks including SSAE 16 and ISO 27001. All Hint Health services run within private, secure network layers, addressable only through whitelisted gateways.

  • Data Encryption: All data is encrypted whenever possible. All traffic is encrypted in transit with SSL/TLS. All data is encrypted at rest with full key/data segregation. We also continually review our code for OWASP, CVE, and NVD-reported vulnerabilities.

  • Data Access & Activity Audit: All data access is restricted to approved employees based on job function. All access is logged and stored for auditing and anomaly detection. All changes to customer data are tracked via audit logs.

  • Web Application Security: Hint Health applications are built with industry best practice safeguards such as input data validation, CSRF protection, and password encryption.

  • Business Continuity: The Hint Health platform is designed to be resilient. We continuously implement and test contingency and disaster recovery plans as part of our operations cycle. Encrypted backups are performed every 24 hours. Hint Health uses only hardened, best-in-class configurations for all of our services.

  • Implementation: Hint Health’s security program is defined by a formal set of policies and procedures, which are reviewed regularly by our Chief Technology Officer and executive team.