HITRUST Risk-based, 2-year (r2) Certification validates that Lumeon is committed to strong cybersecurity and meeting key regulations to protect sensitive data. It demonstrates that the Lumeon Conductor platform has met key regulations and industry-defined requirements and is appropriately managing risk.
ISO 27001 and ISO 9001
Every year Lumeon undergoes a full external information security audit aligned to the ISO27001:2013 standard. We are accredited by SGS who review our systems and security to ensure that we are complying with our policies and have no single points of failure in the organisation – either on process, technology or people. Everything is documented and tested and all staff undergo regular training to remain up to date. We deal with business-critical data so you can rely on the fact that we take this responsibility seriously.
Lumeon has successfully completed a Type II Service Organization Control (SOC 2) examination. This certification marks Lumeon’s SOC 2 compliance since August 2020 and reflects an audit period of March 1 to September 30, 2021.
SOC 2 certification is the leading industry standard for evaluating vendor security management. By completing the certification, Lumeon demonstrates that potential customers can access a full, objective assessment of its platform’s security and compliance performance.
Epic Connection Hub
Lumeon is a validated in the Epic Connection Hub allowing real time, bidirectional data exchange between the Epic EHR and the Lumeon platform.
Cerner EHR Code
Lumeon is a validated app in the Cerner open developer experience program allowing real time, bidirectional data exchange between the Cerner EHR and the Lumeon platform.
We can send an SMS message to the mobile phone number of the user attempting to log in, or an email to their registered email address with security token, to verify their identity.
Lumeon is committed to protecting the privacy of our clients’ patients’ personal health information. Part of that commitment is complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires us to take additional measures to protect personal information and to inform our clients about those measures. If you would like more detailed information, please contact email@example.com.
HSCN (formerly N3)
Lumeon is hosted in a secure HSCN compliant and ISO27001 datacentre using one of only a handful of hybrid HSCN approved data architectures. We also support two-factor identification and data encryption to NHS standards.