By Jonathan Razo / Feb 17, 2019

BrightInsight Achieves New Security and Privacy Certifications

BrightInsight Achieves HITRUST CSF® Certification to manage risk, improve security posture and meet privacy compliance requirements.


As the provider of the leading regulated Internet of Things (IoT) platform for biopharma and medtech, BrightInsight is committed to achieving the upmost privacy, security, regulatory and quality certifications to minimize customer risk and protect sensitive health information. I am excited to share that the BrightInsight Platform has achieved HITRUST CSF® Certification

There is a growing demand for healthcare cloud platforms to meet complex compliance requirements that include technical and process elements such as HIPAA, GDPR, NIST, ISO and COBIT. This certification is truly the gold standard in protecting sensitive health information and is an affirmation of our commitment to providing medical-grade solutions for our biopharma and medtech customers who operate in highly regulated industries.

Our medical-grade BrightInsight Platform is built under a Quality Management System to support and optimize regulated drugs, devices and software through integrated data and actionable insights to enable customers to drive increased patient adherence and engagement. The BrightInsight™ Platform uses software and services to capture, transmit and analyze data from CE-marked and FDA-regulated medical devices, combination products, apps and Software as a Medical Device, in compliance with security, privacy and regulatory requirements. Deployed as a managed service, the platform accelerates the time to market for biopharma and medtech companies, reduces the cost of implementation and maintenance versus a custom solution, and scales across products and global markets.  

More about HITRUST CSF Certified status:

  • HITRUST CSF Certification and HITRUST Certification of the NIST Cybersecurity Framework validates our commitment to meeting key regulations and protecting sensitive information.
  • HITRUST CSF Certified status demonstrates that the BrightInsight Platform has met key regulatory requirements and industry-defined requirements and is appropriately managing risk.
  • As part of the HITRUST Certification, BrightInsight demonstrated compliance with HIPAA and GDPR privacy laws.
  • By including federal and state regulations, standards and frameworks, and incorporating a risk-based approach, the HITRUST CSF helps organizations address these challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

This achievement places BrightInsight in an elite group of organizations worldwide that have earned this certification. “HITRUST has been working with the industry to ensure the appropriate information protection requirements are met when sensitive information is accessed or stored in a cloud environment. By taking the steps necessary to obtain HITRUST CSF Certified status, BrightInsight is distinguished as an organization that people can count on to keep their information safe,” said Ken Vander Wal, Chief Compliance Officer, HITRUST.

    You can see more of our privacy and security certifications here, and we look forward to continuing to share more updates on the BrightInsight Platform with you.