HealthPlanIQ – Security

Last updated: March 16, 2025

DATA SECURITY AND CONFIDENTIALITY

HealthPlanIQ treats all client data as strictly confidential. We re in the process of implementing formal confidentiality policies and processes that will be tested annually during an AICPA SOC2 Type 2 audit.

HealthPlanIQ encrypts sensitive data at rest and in transit. We manage strong encryption keys and security modules in line with industry best practices, and we only use data centers within the United States.

APPLICATION SECURITY

HealthPlanIQ will regularly engage security experts for third-party penetration tests of our production and test environments. Internally we will regularly perform application security testing.

HealthPlanIQ uses high-quality static analysis tooling to secure our product at every step of the development process.

INFRASTRUCTURE SECURITY

HealthPlanIQ uses Hubspot to host our application. We make full use of the security products embedded within the Hubspot ecosystem.