Hello Heart Earns HITRUST CSF® Certification

Michal Gutman, Hello Heart's CTO & CISO

We Take Security Seriously 

After more than a decade of experience in the cyber security space, I was thrilled to join Hello Heart in 2017 as a Chief Information Security Officer. As you can imagine, being a CISO at a health tech company is a huge responsibility — not only because of the need to comply with industry best practices and State and Federal regulations (e.g. HIPAA), but also because our users trust us with the most important and valuable information: their medical data. This trust is at the foundation of our organization, and that is why adhering to the highest standards of security and privacy protection are embedded in our core values

Joining an Elite Group of Organizations 

As part of our commitment to security, I am proud to share that on June 30, 2021, Hello Heart’s application, data storage, and supporting infrastructure earned HITRUST CSF Certified status. This validates that we have met key regulations and industry-defined requirements, and that we are appropriately managing risk. This achievement also places Hello Heart in an elite group of organizations worldwide that have earned this certification. The release announcing the news can be found here.

The Certification Process

The HITRUST CSF is a certifiable framework that provides organizations with the needed structure, detail, and clarity relating to information protection. This certification process included an internal review of Hello Heart’s information security controls, including policy, process, and implementation. To ensure compliance, this information was reviewed by a third party assessor, and the HITRUST organization. The strenuous certification process not only demonstrated our commitment to securing the privacy of our users’ data, but also confirmed that Hello Heart’s Information Security program is compliant with State and Federal regulations, as well as industry best practices.

Leading the Way and Inspiring Others

We see ourselves as leaders in the Digital Health space, and with this comes great responsibility that we readily accept. We believe that we have a duty to set a high standard for security and privacy, while using cutting-edge technology. As such, it was an easy decision to pursue HITRUST CSF certification. We hope to encourage more and more startups to embark on this journey, and in doing so assure their users that security best practices are followed, and that their data is protected.  

Eyes to the Future: A More Secure World

We are proud of the progress we have made in the last year, and of earning validation from HITRUST that our users’ data is protected. We will continue to build innovative digital health products that empower people to understand and improve their heart health using technology and behavioral science.