Compliance Overview
PatientPartner continuously monitors its overall security and compliance standing, both internally and through enterprise compliance partners, to ensure our clients' standards are met at all times.

AICPA SOC Compliant

GDPR Compliant

ISO 27001 Compliant

HIPAA Compliant
Compliance Resources
Data | Privacy | Security

Policies
Organizational Controls
Technological Controls
Physical Controls
Continuous Monitoring
At PatientPartner, all controls and tests are run through a continuous monitoring system that updates every 12 hours. This system is dedicated to ensuring that all policies, procedures, testing, and controls are up to policy standards at all times to prevent any breach or downtime in our systems.
App Security
Employee Disclosure Process
Responsible Disclosure (Bug Bounty)
Software Development Lifecycle
Web Application Firewall
Data Security
Daily Database Backups
SSL/TLS Enforced
System Access Control Policy
Network Security
Denial of Public SSH
Logging/Monitoring
Malware Detection Software
Unique Accounts Used
Infrastructure Security
Denial of Public SSH
Password Policy
Security Patches Automatically Applied
Product Security
Code Review Process
Hard-Disk Encryption
MFA on Accounts
NoSQL Database Monitored and Alarmed
Terms of Service
Organization Security
Acceptable Use Policy
Disaster Recovery Plan
Incident Response Plan
Incident Response Team
If a control is passing all tests, it will be marked green. If a control has a failed test that was not resolved within the past 14 days, it will be marked yellow.
PatientPartner Program Overview
PatientPartner’s MentorConnect Program is patient connectivity software developed specifically for pharmaceutical and med-tech companies and their therapies. The technology platform creates relatable matches between mentees (new patients) and mentors (experienced patients) and enables them to communicate in a compliant manner. Through these connections, mentees can gain valuable insights and firsthand experiences about these specific therapies.
Additional details
PatientPartner's data and compliance ecosystem is backed by Merge, an industry-leading compliance API that transforms how B2B companies realize customer-facing integrations. With Merge’s Unified API, developers integrate just once with one API, for all integrations. Merge takes charge of the entire lifecycle of integrations and adds new platforms every week.
Privacy
PatientPartner understands that our customers entrust us with sensitive data, and we protect it to the highest levels of industry standards.
Privacy URL