We take pride in the security of our products and services. With our team of security engineers and risk and compliance professionals, we are committed to building and implementing safeguards that put the security of our clients and their members first.
The Collective Health Platform is built on cutting-edge technologies that enable us to take advantage of the latest security tools and automation capabilities. As we continue to evolve our platform and services, the security and privacy of our clients and members is our number one priority.
At Collective Health, we have built a strong security culture that requires all employees to be actively involved in protecting client and member data. Employees are trained on how to protect sensitive information and are kept up-to-date on security policies, controls, and trending threats through ongoing awareness activities.
We utilize a defense in depth strategy that starts with a strong security architecture and layers in industry-leading encryption technologies to protect our client and member data both at-rest and in-transit.
Our continuous risk assessment approach is embedded into our core business functions. Security risks to business processes and systems are monitored, and mitigating controls are identified, prioritized, and implemented.
We take compliance seriously. Our team is constantly assessing our platform and services against new and existing regulatory requirements, enlisting guidance from regulators, and leveraging industry best practices. And to make sure we’re always transparent with our clients and their members, we undergo an annual SOC-2 Type II attestation.