We're here to help.

Information Security Compliance & Testing


Butterfly Network is HIPAA and HITECH compliant with SOC II certification. SOC II certification is renewed annually.

Penetration Testing

Butterfly Network undergoes annual penetration testing conducted by a third party security firm. If your organization requires more information, please contact Butterfly Support.

Patching & Vulnerability Scanning

Butterfly Network has implemented a patch management process and automated vulnerability scanning, both of these administrative controls are part of the SOC II certification.

Butterfly Cloud is protected at the host level with both intrusion detection monitoring and incident response. Any critical-level vulnerabilities are scheduled for remediation within 24 hours.

Risk/Incident Management

Audited as part of SOC II certification, Butterfly Network has established formal data breach policies and procedures in place.

Background Checks

Butterfly conducts comprehensive background checks as a component of the hiring process. Subcontractors have the same requirements as employees with respect to on-boarding background check, privacy and security awareness training, and signing of NDA.

Privacy Training

Employees who work with sensitive customer data or Protected Health Information (PHI) are required to take specialized HIPAA training. HIPAA training is mandatory at the time of hire and reviewed annually.

All new hires are required to take on-boarding training which covers security, confidentiality, ethics and our Quality Management System (QMS) and sets the tone for our collective responsibility for security.

Was this article helpful?
1 out of 2 found this helpful
Thank you for your feedback

We’re sorry this didn’t answer your question. We’re here to help. Contact us