Continued ISO 27001, 27017, 27018, 13485, SOC 2 Type 2, and HITRUST Certification Reflects Ongoing Commitment to Trusted Health Data Management.
TORONTO, ON — August 7, 2025 — Smile Digital Health (Smile) is proud to announce the successful maintenance of its certifications for ISO 27001, 27017, and 27018 following the latest surveillance audit. The organization also completed its ISO 13485 internal audit as of June 2025 and achieved SOC 2 Type 2 recertification earlier this year. Smile continues to uphold its certification under the HITRUST Risk-based, 2-year (r2) framework, further solidifying its leadership in privacy, security, and operational excellence.
ISO 27001 serves as the foundation of Smile’s information security management system, while ISO 27017 and 27018 provide assurance for cloud service security and personal data protection within managed service environments. These certifications, along with SOC 2 Type 2 and HITRUST, demonstrate Smile’s adherence to the highest industry standards and its proactive approach to safeguarding health data across complex environments.
“Maintaining certification for ISO 27001, 27017, 27018, 13485, HITRUST, and SOC 2 Type 2 underscores our unwavering focus on information security, cloud infrastructure, and personal data protection,” said Joël Faustin, Director of Privacy and Security at Smile Digital Health. “These are not just checkboxes, they reflect rigorous internal controls, continuous risk assessment, and a culture of security embedded across our organization. Having these certifications demonstrates our dedication to operational excellence and the secure handling of sensitive health data. As threats evolve and regulations grow more complex, we remain proactive and accountable in protecting the data entrusted to us.”
Smile’s ISO 13485 internal audit reinforces its commitment to quality in the development of medical-grade software, while SOC 2 Type 2 confirms ongoing adherence to strict criteria for data security, availability, and confidentiality. The HITRUST certification adds an additional layer of trust, verifying Smile’s robust controls against one of the most comprehensive and widely adopted security frameworks in the healthcare industry.
By maintaining these certifications, Smile ensures that clients including payers, providers, health information exchanges, and government agencies continue to benefit from a secure and compliant health data platform designed to meet both today’s interoperability requirements and tomorrow’s innovations.