Security & Compliance
Built for Protected Health Information, From the Ground Up
Hospital systems trust Prescient with continuous access to EHR data. Here is how we approach the security and compliance responsibility that comes with it.
Data encryption
Patient data is encrypted in transit and at rest, using industry-standard encryption protocols throughout the ingestion, scoring, and storage pipeline.
Access controls
Role-based access controls limit data visibility to the clinical and administrative roles that need it, with full audit logging of access events.
HIPAA-aligned architecture
Prescient's infrastructure and data-handling practices are designed around HIPAA's Security and Privacy Rule requirements for protected health information (PHI).
Business Associate Agreements
Prescient enters into a Business Associate Agreement (BAA) with each hospital system customer prior to any PHI being processed.
Interoperability standards
Integration is built on HL7 FHIR, the standard used across major EHR platforms, minimizing custom data-handling code and its associated risk surface.
Ongoing review
Security practices are reviewed on an ongoing basis as part of Prescient's platform operations and each customer's own IT security review process.
Frequently Asked