Security and Privacy

Particle Health is dedicated to achieving the highest security and privacy credentials in healthcare and tech.

General Compliance

Our platform was designed to be secure and HIPAA compliant.

  • Data at rest is encrypted using Advanced Encryption Standard (AES)
  • Google Cloud provides cryptographic authentication and authorization for all inter-service communications
  • We use Mutual TLS for authenticating with our data network partners
  • All PHI is de-identified when used for internal analytics

For more information on our information security practices please contact [email protected].

Compliance Certifications


The Health Information Trust Alliance (HITRUST), founded in 2007, provides methods for the healthcare sector to address information risk management across a matrix of third-party assurance assessments.

HITRUST certification requires an independent assessment. The length of the assessment depends on the size and complexity of an organization, its scope, and the amount of counseling. Particle Health is in the midst of HITRUST accreditation.


Particle Health is SOC 2 Type 2 certified. SOC 2 compliance is a component of the American Institute of CPAs (AICPA)’s Service Organization Control reporting platform. SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients. For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.

How to report a vulnerability

If you believe you found a security vulnerability, please report it here.