Protection

Breathe Easy Knowing You’re Protected

Data allows us to engage new audiences, empower health coaches, and deliver the very best outcomes for our participants. With our rigorous security features and policies, partners and participants can rest easy knowing their information is always protected.

Secure

Secure

We use best-in-class encryption technology to make sure your data is secure and encrypted at rest or while in motion.

Reliable

Reliable

We have a track record of 99.99% uptime and secure data.

Trusted

Trusted

Our platform has been evaluated by security teams of fortune 100s and they trust us to keep their information safe.

We Safeguard Your Information

To individuals enrolled in our program, we make absolutely certain that we safeguard your protected health information (PHI) according to the requirements of HIPAA and industry best practices.

Check

Secure

Our targeted uptime is 99.9% excluding maintenance. Want to see for yourself? Check out this week’s
performance status.

Check

Hosting

Our infrastructure runs on Amazon Web Services, ensuring the highest benchmarks in the host and network encryption, patch management, physical security, and network security. All data is stored within the U.S.

Check

Support

We enlist independent security firms to conduct annual third-party penetration tests on an annual basis that assess our site for vulnerabilities.

Certified for Your Safety

We’re a HIPAA covered entity in delivering MSK Care to our participants, we’re also the business associate of our customers—using data that you provide to check eligibility and conduct enrollment outreach activities. You’ll retain ownership of all data that you share with us, and we’ll protect it in accordance with our customer agreement and BAA.

SimpleTherapy has implemented the industry-standard Security & Privacy controls and performed an independent third-party audit to obtain a clean SOC 2 Type 2 + HITRUST CSF v9.3 report. The complete report can be provided once the NDA is executed.

SimpleTherapy conducts annual internal reviews and has benchmarked its privacy and security program against the OCR HIPAA audit protocol, NIST CSF, and HITRUST.

HIPAA
AICPA SOC