Privacy and Security in Healthcare
At Phreesia, privacy and security are our top priorities–not boxes to be checked during a once-a-year review. At each and every level of our organization, we foster a culture focused on safeguarding patient data. We’re honored to have those efforts recognized with many of the industry’s most well-known certifications.
HITRUST CSF Certification (2021)
Phreesia achieved HITRUST CSF certification, giving our clients peace of mind that we meet trusted security benchmarks.
Payment Card Industry Data Security Standard (PCI-DSS)
As a PCI DSS Level 1 Service Provider, Phreesia is committed to upholding industry security standards for cardholder data.
Security Organization Control (SOC) 2 Type 2
Phreesia has completed the SOC 2 Type 2 certification process to evaluate our security, availability and confidentiality protocols.
PCI Point-to-Point Encryption (P2PE)
Phreesia’s PCI-validated solution enables healthcare organizations to accept P2PE credit and debit card payments.
Find Phreesia listed under Bluefin Payment systems
Contact Us
If you have a question or concern or if you would like to request additional documentation regarding these certifications, email
security@phreesia.com.
Please do not send any sensitive personal or health information to this email address.
If you are a patient, please contact your healthcare provider directly.
View our responsible disclosure policy.
