Certifications and Regulations
The Artera Security Program maintains robust security standards for protecting the integrity, confidentiality, availability, and privacy of the data we store and transmit. We hold ourselves to the highest standards for safeguarding your organization and the patients you serve.
"[Artera]'s security program is particularly impressive, and security has clearly been a primary focus since the company’s beginning. [Artera] has made sure to consider the end-to-end data flow process, and they’ve conscientiously deployed all the necessary controls to best address safety, privacy, and potential risk."
Deepak Chaudhry
BDO, National Health IT & HITRUST Leader, President of Houston HIMSS Chapter
More Information
We have implemented security best practices and employ the services of independent third parties to evaluate and audit our practices against best-in-class security frameworks.
HITRUST
As the gold standard for organizations in healthcare, WELL has been HITRUST certified since 2019. The HITRUST CSF is a rigorous set of controls that covers, among other sources, all the requirements of HIPAA. At WELL, we’ve mapped our security controls to ensure we’re compliant with both HITRUST and HIPAA.
ISO 27001
Used by more than 60,000 companies worldwide, establishes requirements for forming, implementing, maintaining, and continually improving an ISMS. This standard serves as the foundation upon which the other ISO 27000 standards are built.
ISO 27017
Extends supplementary requirements for the implementation of information security controls for cloud services.
ISO 27701
Establishes requirements for the formation, implementation, maintenance, and continuous improvement of a PIMS to protect the privacy and processing of personal data. WELL has been certified against the ISO 27701 standard as a data processor.
ISO 27018
Provides further requirements beyond ISO 27701 for the protection of personally identifiable information (PII) within cloud environments.