We take data security to heart.
AliveCor is committed to protecting our customers by achieving a high standard of data security and compliance. As our organization scales, we continue to evolve and adapt our data governance and protection strategies, and strive to provide secure technology services to our customers.
AliveCor complies with the following security assurance programs:
SOC 2 Type 1 and Type 2
Completing the SOC 2 Type 1 and Type 2 examinations with zero exceptions listed implies that AliveCor’s Kardia and KardiaPro platforms meet or exceed the stringent security standards set by the American Institute of Certified Public Accountants (AICPA). The examinations report on AliveCor’s system and the suitability of the design and operating effectiveness of security controls.
HIPAA compliance attestation
HIPAA compliance attestation implies that AliveCor’s Kardia and KardiaPro platforms are compliant with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the Breach Notification Rule. These are a list of established performance criteria across the areas of security, privacy, and breach laid down by the Office of Civil Rights (OCR).