world class security, privacy, and compliance.

Your data is our business so we take every step to safeguard it.
Automated controls ensure your data remains protected.

our approach

security is a mindset

We are meticulous about what data we access and how we use that data in our work. Ensuring the confidentiality, security, and integrity of all healthcare data, client information, and intellectual property that we are entrusted with comes first and foremost at Fathom.

To stay ahead of a constantly evolving landscape, we take a three-pronged approach:

We build and maintain automated security solutions through a mix of proprietary and best in breed solutions.
We select for and continually cultivate an attitude of security awareness, placing the utmost emphasis on data security and privacy.
We continually challenge assumptions about security and compliance best practices, pushing for the best solution, rather than a sufficient solution.


verified by tier one auditors

Fathom retained a leading Certified Public Accounting firm based on their world-class team of former "Big Four" auditors and information security experts to conduct a thorough audit to verify Fathom's HIPAA and SOC-2 compliance.

HIPAA Compliant logo in grey tile. Health Insurance Portability And Accountability Act.

HIPAA Compliance audits are designed to assess an organization’s risk management and regulatory compliance effectiveness. This includes the evaluation of the administrative, physical, and technical safeguards as they relate to the electronic protected health information (ePHI) an organization creates, receives, processes, maintains, and/or transmits; as well as the evaluation of the organization’s policies, procedures, and overall readiness to manage a breach of protected health information (PHI) in accordance with the notification requirements.

SOC 2 Service Organization Compliant logo in grey square with white lock.

Developed by the AICPA, SOC 2 is specifically designed for service providers storing customer data in the cloud.

SOC 2 requires companies to establish and follow strict information security policies and procedures, encompassing the security, availability, processing, integrity, and confidentiality of customer data. SOC 2 ensures that a company’s information security measures are in line with the unique parameters of today’s cloud requirements.

policy and procedures

best practices deployed across all facets of our business

Fathom has put policies and procedures in place across our core business areas, taking into account and aligning with the latest standards:
Application Security
Infrastructure Security
Data Privacy and Management
Threat and Vulnerability Management
Access Management
Business Continuity
Change Management
Workforce Training
Disaster Recovery
Incident Management