SimplePractice is HIPPA compliant and is the only cloud-based EHR platform in it's category to obtain HITRUST CSF Certification.

The HITRUST CSF certification applies to both the SimplePractice EHR platform and to the people at SimplePractice who work to uphold the highest levels of privacy, security, and compliance measures.

​

SimplePractice currently holds a Level 1 PCI Data Security Standard Certification.

This confirmation of compliance is issued by a third party Qualified Security Assessor (QSA) and recognizes the highest levels of security and compliance measures upheld by the SimplePractice EHR platform and team.

(In order to obtain PCI DSS certification, a company is required to undergo a thorough onsite audit from a PCI SCC-authorized independent assessment organization. These include Qualified Security Assessors, PCI Forensic Investigators, Approved Scanning Vendors, and others. After achieving certification, a company must comply with pertinent security requirements across its daily operations.) 

​

***Please note: Client information is encrypted and secure for ALL clients. 

However, IF you are concerned about the potential of insurance companies having access to your information; for those who pay out of pocket, your information is encrypted and not accessible to anyone you have not authorized, including insurance companies.***

​

​