We are meticulous about what data we access and how we use that data in our work. Ensuring the confidentiality, security, and integrity of all healthcare data, client information, and intellectual property that we are entrusted with comes first and foremost at Fathom.
To stay ahead of a constantly evolving landscape, we take a three-pronged approach:
Fathom retained a leading Certified Public Accounting firm based on their world-class team of former "Big Four" auditors and information security experts to conduct a thorough audit to verify Fathom's HIPAA and SOC-2 compliance.
HIPAA Compliance audits are designed to assess an organization’s risk management and regulatory compliance effectiveness. This includes the evaluation of the administrative, physical, and technical safeguards as they relate to the electronic protected health information (ePHI) an organization creates, receives, processes, maintains, and/or transmits; as well as the evaluation of the organization’s policies, procedures, and overall readiness to manage a breach of protected health information (PHI) in accordance with the notification requirements.
Developed by the AICPA, SOC 2 is specifically designed for service providers storing customer data in the cloud.
SOC 2 requires companies to establish and follow strict information security policies and procedures, encompassing the security, availability, processing, integrity, and confidentiality of customer data. SOC 2 ensures that a company’s information security measures are in line with the unique parameters of today’s cloud requirements.