Smile Digital Health Achieves HITRUST Risk-Based, 2-year Certification

HITRUST Risk-Based, 2-year (r2) Certification validates Smile Digital Health is committed to strong cybersecurity and protecting sensitive data, demonstrating the highest level of information protection assurance.

TORONTO, ON – June 25, 2024 - Smile Digital Health (Smile), a leading FHIR® health data platform and exchange solutions provider, announced today its Managed Services offering has been re-certified by the Health Information Trust Alliance (HITRUST®) for information security, privacy and risk management.

HITRUST Risk-Based, 2-year (r2) Certification demonstrates that the organization has met demanding regulatory compliance and industry-defined requirements and is appropriately managing risk in regards to its Managed Services offering. This achievement places Smile Digital Health in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“Personal health information is considered some of the most private information and we place a tremendous focus on ensuring the security of this sensitive information,” said Luis de Barros, Chief Privacy and Security Officer, Smile Digital Health. “As a team, we pride ourselves on working together to ensure our customers feel confident that Smile Digital Health is a company that can be trusted, and this certification provides the external validation of the quality and data protection of our products and services.”

The most comprehensive and robust HITRUST certification, the HITRUST risk-based, 2-year (r2), is just one component of Smile’s Privacy and Information Security roadmap. This certification is particularly important for organizations that are processing large amounts of sensitive data and personal information, including PHI and need to share reports with multiple entities. It can also be used for third-party risk management.

“HITRUST certification is globally recognized as validation that information security and privacy controls are effective and compliant with various regulations. HITRUST certification is considered the gold standard because of the comprehensiveness and applicability of the control requirements, depth of the assurance process, and level of oversight that ensures accuracy,” said Jeremy Huval, Chief Innovation Officer at HITRUST.

“Smile has always been dedicated to mitigating risks when it comes to sensitive data. These recertifications are a true testament to that,” said George Rollins, President, Smile Digital Health. “In a time where it’s even more crucial to keep data safe, this focus on meeting and exceeding the highest level of cybersecurity standards really has an impact on how our customers use their data and the level of care they can provide because of this. Our Managed Services offering is an end-to-end service package, encompassing FHIR®-based implementation, maintenance, security, and support.”.