data security

Our Security First Approach

When you’re dealing with healthcare data, security has to be your top priority. At Sift, we are serious about HIPAA compliance through good process and solid technology, be it encryption, integrity enforcement, intrusion detection and prevention. We are of a Defense In Depth mindset when thinking about protecting information and use minimalist systems setup to help reduce the attack surface.

HIPAA-Compliant

Only secure channels are used to send and receive data. The Sift Healthcare platform is built with HIPAA-compliant infrastructure, hosted in the AWS cloud.

3rd Party Audits

We conduct regular audits, by 3rd parties security and compliance experts, to make sure we remain HIPAA compliant as our infrastructure continues to grow and new technologies are being introduced.

De-Identified Data

Our web products use only de-identified and aggregated data, no HIPAA-protected data is available on our web accessible properties.

Data Handling

We prohibit any PHI information to be handled on employee desktops or laptops.

Business Associate Agreements

We sign BAA’s with every company that sends us data. We require all employees and contractors to sign BAA’s and conduct extensive background checks on all hires.

Data Work

Sift does not offshore any of our data work. Our team is a talented group of experience data engineers, scientists, developers and operation experts.

Working with Sift is simple, easy and affordable.

Send us your data* and we do the rest. All plans include a free consultation and prices scale with your business.

*Preferable sources of data include 837, 835 and payment files.