Security

Jasper Health is committed to keeping your data safe. Our platform is designed to ensure secure storage and processing of all information we interact with. Whether it’s personal health information (PHI), personally identifiable information (PII) or anything beyond, we’ve established extensive security and compliance policies and procedures to ensure that our client’s and user’s data remain protected. Security and compliance certificates include:

  • HIPPA Compliant: Jasper Health is HIPAA compliant and executes BAAs with customers and vendors as appropriate.
  • SOC 2 Type I & II: Jasper Health is SOC 2 Type I and Type II certified to meet AICPA’s Trust Service Principles. Potential and existing customers may request a copy of our SOC 2 report under a NDA.

Visit our Trust Center for more details on our security practices, compliance posture, and the safeguards we use to protect sensitive information.

Security Culture

Every employee at Jasper Health, from office operations to our CEO, is dedicated to security and protecting our customer data in all that we do. We have a formal security program in place.

We view security not just as a core component of our technology, but also as a cornerstone of our company culture. All employees receive security training both as a new hire and regularly thereafter. Communication channels for any security issues or questions are always open for our employees and customers. We send out ongoing reminders to our staff about security issues, and in addition, regularly test our preparedness with phishing drills and other security exercises.

Suspected Security Issues

If you suspect a security issue or anyone in your organization’s Jasper Health credentials may have been compromised, please contact Jasper Health support at security@hellojasper.com.

If you are a security researcher who has potentially discovered a security weakness or vulnerability in Jasper Health’s systems, please send an email to security@hellojasper.com with information and we will provide information on secure responsible disclosure. At this time we do not offer monetary rewards for vulnerability disclosure.

Data Protection & Privacy

We ground our privacy commitments in strong data governance practices, so our customers can trust that we’ll protect the privacy and confidentiality of their data. Privacy is protected across Jasper Health with built-in security designed to automatically stop threats before they reach our customers.

Notice of HIPAA Privacy Practices

Our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We will maintain the privacy of your Health Information as required by HIPAA and the regulations set forth under that Act. We encourage you to carefully review our Privacy Policy.