Actium Health Security Notice
Last updated August 2022
Our commitment to our security practices and policies starts with transparency. This is your source for Actium Health’s security, compliance, and privacy.
Our Approach to Security:
Security– We deliver a robust security program in our product and corporate environments by elevating our people, instilling secure processes, and protecting technology.
Compliance – We intentionally designed our security program aligning to the HITRUST framework and it is third-party assured by an independent auditing firm.
Privacy – Our privacy program provides transparency on how we collect, use, disclose, transfer, and store customer information.
We build a secure solution to maintain confidentiality, integrity, and availability in order to protect our application and customer data. Our secure software development lifecycle is infused throughout, from architecture to production.
Secure Development from the Start – Security is considered from the project planning stage and throughout the development process.
Security Awareness Training – Continuous security training is mandatory for developers as well as all employees.
Code Reviews – Manual code reviews are conducted to ensure that the application is both functional and secure.
Automated Application Security Testing – Automation tools are used to test our products to discover vulnerabilities prior to going live.
Security Risk Assessments – Security assessments are performed at the earliest stage of a project to evaluate risk treatment plans before work begins.
Our dedicated internal teams work continuously to improve our threat-mitigation practices to protect Actium Health’s infrastructure.
Zero Trust – Our team continuously evaluates multiple contextual data points to provide secured access and least privilege to our systems.
Mobile Device Management – End-user devices are centrally managed to ensure all devices are compliant to corporate controls and policies.
Threat Management – Diagramming and visualizing system components, data flows, and security boundaries is used to identify threats allowing for corporate risk mitigation.
Governance, Risk, and Compliance
Governance Framework – Governance is the foundation of building our security program to accomplish meeting all objectives in our security program, regulatory requirements, and ethical guidelines.
Security Risk Management – Our risk management program establishes roles and accountability for managing, monitoring, and improving our security and business practices.
Organization Compliance – Security policies and control frameworks are regularly audited by our internal security staff and external third-party auditors.
Third-party assured to earn your trust
Actium Health models our security program around the industry best practices and framework of HITRUST CSF. We are accredited with HITRUST Alliance and if you are a customer or becoming a customer we can provide the letter of certification upon request.
HITRUST stands for the Health Information Trust Alliance and has adopted common risk and compliance management frameworks, related assessments and assurance methodologies.