Trust Center
Your health data deserves the highest level of security and privacy. Learn how we protect your information.
HIPAA Compliance
LuminaryHD is built with full HIPAA (Health Insurance Portability and Accountability Act) compliance. We maintain strict adherence to both the Privacy Rule and Security Rule, ensuring your Protected Health Information (PHI) is handled with the utmost care.
- Administrative, physical, and technical safeguards in place
- Business Associate Agreements (BAAs) with all service providers
- Regular risk assessments and security audits
- Employee training on HIPAA requirements and best practices
Security Infrastructure
We implement enterprise-grade security measures to protect your health information at every layer of our infrastructure.
- End-to-end encryption for all data in transit and at rest
- Multi-factor authentication (MFA) for all user accounts
- Role-based access control (RBAC) and least privilege principles
- Comprehensive audit logging and monitoring
- Regular penetration testing and vulnerability assessments
AWS HIPAA Eligible Services
Our infrastructure is built on Amazon Web Services (AWS) using only HIPAA eligible services. AWS provides a secure, scalable foundation with multiple layers of operational and physical security.
- All services covered under the AWS Business Associate Addendum (BAA)
- Data stored in US-based, redundant data centers
- Automatic backups and disaster recovery procedures
- 99.9% uptime SLA for high availability
Future Compliance Plans
We're committed to continuous improvement and maintaining the highest industry standards for security and compliance.
SOC 2 Type II Certification
We are actively pursuing SOC 2 Type II certification to demonstrate our commitment to security, availability, processing integrity, confidentiality, and privacy.
HITRUST Certification
HITRUST CSF certification is under consideration as we continue to scale. This comprehensive framework represents the gold standard for healthcare information security.
Your Privacy Rights
You maintain complete control over your health information. Our platform is designed with privacy by default.
- Access and download your data at any time
- Control who can view your health records
- Revoke access permissions at any time
- Request deletion of your account and data
- Transparent audit logs of all data access