Security & Compliance

Enterprise-grade security

Distal is built from the ground up for healthcare. We meet the highest standards for security, privacy, and regulatory compliance.

Certifications

Fully compliant

We maintain the highest level of healthcare compliance certifications.

HIPAA Compliant

Full compliance with health information privacy requirements

SOC 2 Type II

Independently audited security controls

HITRUST Ready

Aligned with healthcare's leading security framework

Resources

Learn more

Compliance

HIPAA, SOC 2 Type II, HITRUST, and GDPR compliance details.

Learn more

Integrations

EHR connectivity, SSO, and API documentation.

Learn more

Privacy

Data handling, retention, and patient rights.

Learn more

Security measures

Protected at every layer

We implement defense-in-depth security with multiple layers of protection for your patient data.

0

Security incidents

99.99%

Uptime SLA

24/7

Monitoring

AES-256 Encryption at Rest

All patient data encrypted with industry-standard AES-256

TLS 1.3 in Transit

All data transmitted over encrypted connections

Multi-Factor Authentication

MFA required for all provider and admin accounts

Role-Based Access Control

Granular permissions ensure minimum necessary access

Comprehensive Audit Logging

All PHI access logged and retained for 7 years

Regular Penetration Testing

Third-party security assessments conducted quarterly

Questions about security?

Our security team is happy to answer your questions and provide documentation.

Contact security team