Ontellus is committed to protecting your reputation, your profitability and the interests of your valued clients and customers. To that end, we ensure that storage of our clients’ sensitive information aligns with the highest levels of security standards, as verified through our SOC Certification, HIPAA and HITECH Act Compliance and our own stringent, internal security practices.

Data Security

SOC 2 Type II Certified

Ontellus is proud to have achieved SOC 2 Type II certification from the American Institute of Certified Public Accountants (AICPA), verifying our commitment to customer data security and stringent security practices.

To achieve SOC 2 Type II certification, comprehensive audits of Ontellus' security, availability, processing integrity, confidentiality and privacy controls is conducted annually.

HIPAA & HITECH Compliant

Ontellus’ internal controls and structures are meticulously audited for compliance with the strict requirements of HIPAA and the HITECH Act.

In addition to constant security monitoring, we conduct employee background checks and provide HIPAA education to all employees to protect the health information obtained for our clients.

Our Privacy Officer monitors regulatory changes to mitigate the risk of potential data privacy and security breaches.


Internal Security Audit

We regularly audit Physical Access Controls using a secure entry system and surveillance monitoring.

Role Based Access Controls restrict employees to only the systems their role requires.

Random audits of employee workstations are conducted to ensure data privacy and security requirements are followed.

Internal and external penetration testing and audits are conducted bi-annually.

SOC II Image.jpg