SECURITY & PRIVACY

Guided By Industry Best Practices

At Mobile Heartbeat, we are passionate about improving clinical processes through the use of technology. We are also aware that protection and privacy of information are non-negotiable requirements. Everyone is part of the InfoSec team and is conscious that:

  • Our cyber behaviors matter downstream to our customers and to the communities that they serve
  • Our position in the healthcare supply chain demands strong defense against information security threats

InfoSec Core Objectives

The InfoSec Program at Mobile Heartbeat has three core objectives:

Our InfoSec program aims to secure our technology and our customers’ data.

Our Security Philosophy and Vision

We appreciate that our customers involve Mobile Heartbeat as part of their technology-enhanced clinical collaboration processes, so we’re dedicated to building the industry’s most secure and trusted unified clinical communication platform. Our cloud offering, Banyan, is managed, standardized, and tested to meet customers’ demand for trust.

Guided by industry best practices and regulatory requirements, security and privacy are embedded into the fabric of Banyan across all layers from platform to application.

Security + Privacy by Design and in Operations

  • Information security risk assessments
  • Security review of technical designs and architectures
  • Logical segregation of customer data
  • Authentication and role-based access control for least-privilege access
  • Just-in-Time privileged access
  • Data encryption in transit and at rest
  • Vulnerability and threat management
  • Security logging and monitoring
  • Platform and application penetration tests by external, independent vendors

HIPAA Privacy and Security Rule Standards

  • Focus area in the risk assessment process
  • Active monitoring of compliance
  • Workforce training and awareness
  • PHI handling guidance for the workforce

Built Through Secure Development Program

  • Threat modeling
  • Security testing on the CI/CD pipeline
    • Static Code Security Testing (SAST)
    • Secret scanning
    • Software composition analysis (dependency check)
  • Security testing off the CI/CD pipeline
    • Dynamic Application Security Testing (DAST)
    • Penetration testing by 3rd parties

Contact Info

If you have any questions or inquiries about Mobile Heartbeat’s information security program, please contact infosec@mobileheartbeat.com