Clearsense continuously reviews and improves our security practices, infrastructure, and data-handling policies for compliance with industry security regulations and best practices such as HIPAA, HITECH, SOC 2 and HITRUST.

HIPAA & HITECH

Clearsense follows the Health Insurance Portability and Accountability Act (HIPAA) standards for protecting the privacy and security of certain health information, the HIPAA Privacy Rule, and the HIPAA Security Rule. Clearsense also subscribes to the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted to promote the adoption and meaningful use of health information technology.

To ensure compliance with both HIPAA and HITECH, covered entities enter into a Business Associate Agreement (BAA) so that business associates, such as Clearsense, adequately protect Protected Health Information (PHI). BAA contracts clarify and limit how the business associate can handle PHI and set forth each party’s adherence to the security and privacy provisions of HIPAA and the HITECH Act.

Currently there is no official certification for HIPAA or HITECH Act compliance. However, Clearsense services covered under the BAA have undergone audits conducted by accredited independent auditors.

SOC 2 Type I Examination

Clearsense is in the process of completing a Service Organization Control (SOC 2) Type I examination of our platform in accordance with attestation standards established by the American Institute of Certified Public Accountants (AICPA).

Upon completion, the SOC 2 report will provide assurance to Clearsense and its customers that the company has designed and implemented effective security controls, as defined in the SOC 2 standards.

HITRUST

Developed by healthcare and IT professionals, the HITRUST Common Security Framework (CSF) provides an efficient and prescriptive framework for managing the security requirements inherent in HIPAA.

Clearsense is in the process of completing a HITRUST certification in which a third-party assessment firm verifies that Clearsense has met all of the industry-defined certification requirements of the CSF, which incorporates globally recognized standards such as NIST, ISO, PCI, FTC Red Flag and COBIT.

REPORT UNETHICAL BEHAVIOR

As part of our compliance for both SOC and HITRUST, Clearsense encourages reporting of any unethical behavior, including misuse of Protected Health Information (PHI). Do you have an issue or concern you would like to report anonymously? Submit it at safehotline.com or call 1-855-662-SAFE using company ID number 0751815007.
