Michal Gutman, Hello Heart's CTO & CISO

We Take Security Seriously 

After more than a decade of experience in the cyber security space, I was thrilled to join Hello Heart in 2017 as a Chief Information Security Officer. As you can imagine, being a CISO at a health tech company is a huge responsibility — not only because of the need to comply with industry best practices and State and Federal regulations (e.g. HIPAA), but also because our users trust us with the most important and valuable information: their medical data. This trust is at the foundation of our organization, and that is why adhering to the highest standards of security and privacy protection are embedded in our core values

Joining an Elite Group of Organizations 

As part of our commitment to security, I am proud to share that on June 30, 2021, Hello Heart’s application, data storage, and supporting infrastructure earned HITRUST CSF Certified status. This validates that we have met key regulations and industry-defined requirements, and that we are appropriately managing risk. This achievement also places Hello Heart in an elite group of organizations worldwide that have earned this certification. The release announcing the news can be found here.

The Certification Process

The HITRUST CSF is a certifiable framework that provides organizations with the needed structure, detail, and clarity relating to information protection. This certification process included an internal review of Hello Heart’s information security controls, including policy, process, and implementation. To ensure compliance, this information was reviewed by a third party assessor, and the HITRUST organization. The strenuous certification process not only demonstrated our commitment to securing the privacy of our users’ data, but also confirmed that Hello Heart’s Information Security program is compliant with State and Federal regulations, as well as industry best practices.

Leading the Way and Inspiring Others

We see ourselves as leaders in the Digital Health space, and with this comes great responsibility that we readily accept. We believe that we have a duty to set a high standard for security and privacy, while using cutting-edge technology. As such, it was an easy decision to pursue HITRUST CSF certification. We hope to encourage more and more startups to embark on this journey, and in doing so assure their users that security best practices are followed, and that their data is protected.  

Eyes to the Future: A More Secure World

We are proud of the progress we have made in the last year, and of earning validation from HITRUST that our users’ data is protected by best-in-class security solutions. We will continue to build an amazing solution that empowers users every day to understand and improve their health with a secure and private digital solution.


While we take privacy, security and integrity very seriously, we don’t take ourselves too seriously (just look at our Instagram page!). If you want to be a part of a fun company that has built a market-leading digital solution for heart health, come join us - we are hiring in most areas.

Hello Heart is not a substitute for professional medical advice, diagnosis, and treatment. You should always consult with your doctor about your individual care.

1. Gazit T, Gutman M, Beatty AL. Assessment of Hypertension Control Among Adults Participating in a Mobile Technology Blood Pressure Self-management Program. JAMA Netw Open. 2021;4(10):e2127008, https://doi.org/10.1001/jamanetworkopen.2021.27008. Accessed October 19, 2022. (Some study authors are employed by Hello Heart. Because of the observational nature of the study, causal conclusions cannot be made. See additional important study limitations in the publication. This study showed that 108 participants with baseline blood pressure over 140/90 who had been enrolled in the program for 3 years and had application activity during weeks 148-163 were able to reduce their blood pressure by 21 mmHg using the Hello Heart program.) (2) Livongo Health, Inc. Form S-1 Registration Statement. https:/www.sec.gov/Archives/edgar/data/1639225/000119312519185159/d731249ds1.htm. Published June 28, 2019. Accessed October 19, 2022. (In a pilot study that lasted six weeks, individuals starting with a blood pressure of greater than 140/90 mmHg, on average, had a 10 mmHG reduction.) NOTE: This comparison is not based on a head-to-head study, and the difference in results may be due in part to different study protocols.
2. Validation Institute. 2021 Validation Report (Valid Through October 2022). https://validationinstitute.com/wp-content/uploads/2021/10/Hello_Heart-Savings-2021- Final.pdf. Published October 2021. Accessed October 19, 2022. (This analysis was commissioned by Hello Heart, which provided a summary report of self-fundedemployer client medical claims data for 203 Hello Heart users and 200 non-users from 2017-2020. Findings have not been subjected to peer review.)