Notable completes SOC 2 compliance report

In an era where healthcare data security and privacy are paramount, achieving compliance with the Service Organization Control (SOC) 2 standards marks a significant milestone for organizations handling sensitive data.  We are proud to have successfully completed SOC 2 Type 2 compliance, reinforcing our commitment to safeguarding patient information and enhancing trust.

What is SOC 2 Compliance?

SOC 2 is an independent third-party assessment of an organization’s information systems. The report evaluates the effectiveness of an organization’s internal controls related to security, availability, processing integrity, confidentiality, and privacy of data. Achieving SOC 2 compliance signifies that an organization has met rigorous standards established by the American Institute of CPAs (AICPA).

Notable’s Commitment to Security

Since Notable’s founding, security, privacy, and trust are non-negotiables. We employ industry best practices to secure sensitive patient information and ensure that all data handling practices align with the highest privacy and security standards.

Jon Debonis, Head of Security at Notable, shared, "The rise of AIs and LLMs brings extraordinary opportunities, but also unprecedented challenges for security and privacy. At Notable, we don’t just react to these threats—we anticipate them. Our team applies the most advanced AI governance practices to ensure that our platform remains a secure and trusted tool, enabling the transformative benefits AI can deliver to patient care.”

In addition to SOC 2 compliance, we ensure our AI platform maintains a high standard of security by: 

• Maintaining HITRUST CSF certification and compliance for the Notable platform, which includes the HIPAA Security Rule and NIST SP 800-171

• Continuously improving underlying technology to stay ahead of the latest internet threats and partnering with vendors who do the same
• Encrypting data in transit and at rest

• Routinely testing our security controls through reputable third parties

• Hosting our platform in several regions of the US for high availability and uptime

Read on to learn more about our efforts to create secure and delightful experiences for everyone. 

Are you a current customer or prospect who needs access to our SOC 2 report? Find it in our Trust Center.

‍