Trust Center

Start your security review
View & download sensitive information
Ask for information

Overview

A critical part of building a world-class mental health platform is a commitment to safeguarding member data. Modern Health has implemented best-in-class security practices to ensure our members receive the best care and their data is secure when using Modern Health's platform.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
HIPAA Logo
HIPAA
SOC 2 Logo
SOC 2
Start your security review
View & download sensitive information
Ask for information

Documents

SOC 2
Network Diagram
Pentest Report
Security Whitepaper
CAIQ
VSA Core
VSA Full
Cyber Insurance
Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
Asset Management Policy
Business Continuity Policy
Data Classification Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Other Policies
Password Policy
Risk Management Policy
Vulnerability Management Policy

Risk Profile

Data Access LevelRestricted
Impact LevelSubstantial
Recovery Time Objective24-48 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Network Diagram
Other Reports
Pentest Report
View more

Self-Assessments

CAIQ
VSA Core
VSA Full

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Code Analysis
Credential Management
View more

Legal

SubprocessorsBoxCleverTapDatadogMailchimpSnowflake
Cyber Insurance
Privacy Policy
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
Infrastructure Security
View more

Endpoint Security

Endpoint Detection & Response
Mobile Device Management

Network Security

Firewall
IDS/IPS
Virtual Private Cloud

Corporate Security

Email Protection
Employee Training
Incident Response
View more

Security Grades

Qualys SSL Labs
joinmodernhealth.com
A

Trust Center Updates

Subprocessor Update

SubprocessorsCopy link

This email is to notify you that Modern Health is planning to appoint new third-party Subprocessors and remove previous Subprocessors. No action is required from you.

Subprocessors added:

  • Snowflake
  • FiveTran
  • Looker
  • Iterable

Subprocessors removed:

  • CleverTap
  • Mailchimp

CleverTap and Mailchimp will no longer process data on behalf of Modern Health and will be removed from the Subprocessor list by December 31st, 2023.
You can find information about the tasks our Subprocessors perform and where they are located and view the full list of our Subprocessors here. If you have any questions please feel free to email us at privacy@modernhealth.com.

Modern Health Security & Privacy

Published at N/A

2024 SOC2 Report and Pentest Now Available

ComplianceCopy link

Hello,

Modern Health has completed its' yearly SOC2 audit and penetration test. Both documents are now available in the Security portal. All confirmed findings on the penetration test will be remediated within Modern Health's vulnerability SLA. Please reach out directly on the security portal or at security@joinmodernhealth.com if you have questions.

Published at N/A

Modern Health's Open SSL 3.0.x Response

IncidentsCopy link

Modern Health is aware that a critical vulnerability for OpenSSL version 3.0.x was released today by the OpenSSL group. Modern Health has confirmed that its' cloud provider, AWS, is not affected by this vulnerability (https://aws.amazon.com/security/security-bulletins/AWS-2022-008/) and has confirmed that no public-facing services are affected by this vulnerability. Modern Health has a few internal 3rd party services that will require an update and Modern Health will update these when an update becomes available.

If there are additional question, please contact your Modern Health representative or comment directly in the Security portal. Thank you!

Published at N/A

Modern Health is aware that a critical vulnerability for OpenSSL version 3.0.x was released today by the OpenSSL group. Modern Health has confirmed that its' cloud provider, AWS, is not affected by this vulnerability (https://aws.amazon.com/security/security-bulletins/AWS-2022-008/) and has confirmed that no public-facing services are affected by this vulnerability. Modern Health has a few internal 3rd party services that will require an update and Modern Health will update these when an update becomes available.

If there are additional question, please contact your Modern Health representative or comment directly in the Security portal. Thank you!

Published at N/A

Updated Pentest Report and Security Policies Now Available

ComplianceCopy link

A new pentest report (Both web and mobile) are available under the documents section (The Mobile App report is listed under "Other Reports"). In addition, updated security policies have also been published under the documents section as well.

Published at N/A

Updated SOC2 Report Now Available

ComplianceCopy link

Modern Health has just finished their annual SOC2 audit with Linford & Co LLP. The new report is now available for download on the Modern Health security portal.

Published at N/A
Powered bySafeBase Logo