To visit our coronavirus COVID-19 information center, click here
Home /Technology /Information Security

Information Security

Safeguarding your privacy.

Among the elite, with the strongest information security around.

An intense focus on data security in the direct healthcare industry is critical. That’s why our protection of member data is unparalleled in the industry. With appropriate risk and audit posture, our practices reinforce physical, cyber, and data security infrastructures compliant with regulatory and legal requirements.

Premise works with organizations in a wide array of industries across the U.S. to ensure health data, billing information, and electronic health records are safe. We are among the elite and few direct healthcare companies to have earned HITRUST CSF certification for our electronic health record and have maintained that status since 2017. At Premise, the security of our members is of the highest importance.

We keep valuable information between us.

Industry-leading Security Posture

Your data belongs to you, and it’s our job to keep it safe. We’re responsible for managing health-related records for millions of individuals (PHI), and we are diligent about maintaining compliance with pertinent federal (HIPAA/HITECH) and state legislation. We’ve earned our place as leaders in the direct healthcare industry in part by establishing a trust with our clients that we’ve considered data protection at every angle.

HIPAA Compliant

When it comes to HIPAA compliance, we make sure to check every box. To help aid in this effort, we hire a third-party to conduct annual HIPAA risk assessments of our environment. Along with our external evaluations, we have internal programs in place to drive, monitor, and measure compliance with our policies, standards, and procedures. Our all hands-on deck approach helps ensure we’re doing everything we can to make sure the personal information of your workforce is secure.

Committed to Confidentiality

We understand putting trust into another organization is a serious decision; that’s why we make it easy. As we continue to embrace technology, enhance the quality of healthcare, and create a seamless member experience, we make privacy and security top strategic priorities. Our team members share in the responsibility to implement and adhere to the appropriate procedures and controls to keep information security at the top of mind.

The Gold Standard of Data Security

We have the firmest information security policy in our industry. Our posture and HITRUST CSF Certified status meet the key regulatory and industry-defined requirements for protecting and securing private healthcare information. We take the privacy and security of our members seriously.

Maintaining standards while innovating towards the future.

Globally Recognized Standards

We maintain compliance with the privacy and security rules required by HIPAA. We’ve chosen HITRUST as our framework for applying controls across the U.S. and globally recognized standards most suitable for the healthcare industry and our business. By adopting this framework, we’ve also aligned to applicable ISO, NIST, and PCI standards for data security.

Pioneering the Latest Trends

We can safely keep pace with and pioneer the latest trends in the marketplace by proactively adopting and maintaining high-bar industry standards and best practices in information security. Our programs include incident response and forensics, security engineering, penetration testing, vulnerability management, governance risk and compliance (GRC), third-party risk management, proactive threat hunting, darknet monitoring, and digital risk management, to name a few.


Let's talk about what we can achieve for your organization. Get Started