Guided By Industry Best Practices

At Mobile Heartbeat, we are passionate about improving clinical processes through the use of technology. We are also aware that protection and privacy of information are non-negotiable requirements. Everyone is part of the InfoSec team and have consciousness of:

  • Our cyber behaviors matter downstream to our customers and to the communities that they serve
  • Our position in the healthcare supply chain demands strong defense against information security threats

InfoSec Core Objectives

The InfoSec Program at Mobile Heartbeat has three core objectives:

Our InfoSec program aims to secure our technology and our customers’ data.

Our Security Philosophy and Vision

We appreciate that our customers involve Mobile Heartbeat as part of their technology-enhanced clinical collaboration processes, thus we’re dedicated to building the industry’s most secure and trusted unified clinical communication platform. Our cloud offering, Banyan, is managed, standardized, and tested to meet customers’ demand for trust.

Guided by the industry best practices and regulatory requirements, security and privacy are embedded into the fabric of Banyan across all layers from platform to application.

Security + Privacy by Design and in Operations

  • Information security risk assessments
  • Security review of technical designs and architectures
  • Logical segregation of customer data
  • Authentication and role-based access control for least-privilege access
  • Just-in-Time privileged access
  • Data encryption in transit and at rest
  • Vulnerability and threat management
  • Security logging and monitoring
  • Platform and application penetration tests by external, independent vendors

HIPAA Privacy and Security Rule Standards

  • Focus area in the risk assessment process
  • Active monitoring of compliance
  • Workforce training and awareness
  • PHI handling guidance for the workforce

Built Through Secure Development Program

  • Threat modeling
  • Security testing on the CI/CD pipeline
    • Static Code Security Testing (SAST)
    • Secret ccanning
    • Software composition analysis (dependency check)
  • Security testing off the CI/CD pipeline
    • Dynamic Application Security Testing (DAST)
    • Penetration testing by 3rd parties

Contact Info

If you have any questions or inquiries about Mobile Heartbeat’s information security program, please contact