Security & Compliance | Open Health Network

Built for regulated healthcare. Protected by design.

Our Standards

HIPAA-compliant; BAAs available
SOC‑2 Type II audited; ISO 27001 roadmap
AES‑256 at rest, TLS 1.3 in transit
Annual third‑party penetration tests and continuous monitoring

CMS & Billing Compliance

CMS Acute Hospital Care at Home requirements embedded in workflows
RPM CPT 99453/99454/99457/99458 documentation & time tracking supported

FAQs

Where is data stored?
In encrypted U.S.-based cloud regions unless otherwise contracted.

Can we host it ourselves?
A private-cloud deployment option is available for qualified clients.

Do you pass pen tests?
Yes, annual third‑party penetration tests are performed; a summary is available under NDA.