We take data security to heart.
AliveCor is committed to protecting our customers by achieving a high standard of data security and compliance. As our organization scales, we continue to evolve and adapt our data governance and protection strategies, and strive to provide secure technology services to our customers.
AliveCor complies with the following security assurance programs:
Type 1 SOC 2
Completing the Type 1 SOC 2 examination with zero exceptions listed implies that AliveCor’s Kardia and KardiaPro platforms meet or exceed the stringent security standards set by the American Institute of Certified Public Accountants (AICPA). The examination reports on AliveCor’s system and the suitability of the design of security controls.
HIPAA compliance attestation
HIPAA compliance attestation implies that AliveCor’s Kardia and KardiaPro platforms are compliant with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the Breach Notification Rule. These are a list of established performance criteria across the areas of security, privacy, and breach laid down by the Office of Civil Rights (OCR).