Overview
A critical part of building a world-class mental health platform is a commitment to safeguarding member data. Modern Health has implemented best-in-class security practices to ensure our members receive the best care and their data is secure when using Modern Health's platform.
Compliance

Documents
Risk Profile
Product Security
Reports
Self-Assessments
Data Security
App Security
Legal
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Security Grades
Trust Center Updates
This email is to notify you that Modern Health is planning to appoint new third-party Subprocessors and remove previous Subprocessors. No action is required from you.
Subprocessors added:
- Snowflake
- FiveTran
- Looker
- Iterable
Subprocessors removed:
- CleverTap
- Mailchimp
CleverTap and Mailchimp will no longer process data on behalf of Modern Health and will be removed from the Subprocessor list by December 31st, 2023.
You can find information about the tasks our Subprocessors perform and where they are located and view the full list of our Subprocessors here. If you have any questions please feel free to email us at privacy@modernhealth.com.
Modern Health Security & Privacy
Hello,
Modern Health has completed its' yearly SOC2 audit and penetration test. Both documents are now available in the Security portal. All confirmed findings on the penetration test will be remediated within Modern Health's vulnerability SLA. Please reach out directly on the security portal or at security@joinmodernhealth.com if you have questions.
Modern Health is aware that a critical vulnerability for OpenSSL version 3.0.x was released today by the OpenSSL group. Modern Health has confirmed that its' cloud provider, AWS, is not affected by this vulnerability (https://aws.amazon.com/security/security-bulletins/AWS-2022-008/) and has confirmed that no public-facing services are affected by this vulnerability. Modern Health has a few internal 3rd party services that will require an update and Modern Health will update these when an update becomes available.
If there are additional question, please contact your Modern Health representative or comment directly in the Security portal. Thank you!
Modern Health is aware that a critical vulnerability for OpenSSL version 3.0.x was released today by the OpenSSL group. Modern Health has confirmed that its' cloud provider, AWS, is not affected by this vulnerability (https://aws.amazon.com/security/security-bulletins/AWS-2022-008/) and has confirmed that no public-facing services are affected by this vulnerability. Modern Health has a few internal 3rd party services that will require an update and Modern Health will update these when an update becomes available.
If there are additional question, please contact your Modern Health representative or comment directly in the Security portal. Thank you!
A new pentest report (Both web and mobile) are available under the documents section (The Mobile App report is listed under "Other Reports"). In addition, updated security policies have also been published under the documents section as well.
Modern Health has just finished their annual SOC2 audit with Linford & Co LLP. The new report is now available for download on the Modern Health security portal.