Ontellus is proud to have achieved SOC 2 Type II certification from the American Institute of Certified Public Accountants (AICPA), verifying our commitment to customer data security and stringent security practices.
To achieve SOC 2 Type II certification, comprehensive audits of Ontellus' security, availability, processing integrity, confidentiality and privacy controls are conducted annually.
Ontellus’ internal controls and structures are meticulously audited for compliance with the strict requirements of HIPAA and the HITECH Act.
In addition to constant security monitoring, we conduct employee background checks and provide HIPAA education to all employees to protect the health information obtained for our clients.
Our Privacy Officer monitors regulatory changes to mitigate the risk of potential data privacy and security breaches.
We regularly audit Physical Access Controls using a secure entry system and surveillance monitoring.
Role Based Access Controls restrict employees to only the systems their role requires.
Random audits of employee workstations are conducted to ensure data privacy and security requirements are followed.
Internal and external penetration testing and audits are conducted bi-annually.