Canto’s HIPAA compliance ensures that your assets are protected, accessible, and secured on Canto’s platform. All data is encrypted in transit and at rest. Our employees are trained on the latest security threats, and granular asset control is included out-of-the-box for administrators.
All data stored in Canto is secured in accordance with the HIPAA Security Rule, and Canto signs BAAs with any clients that will store ePHI in Canto. Additionally, Canto’s internal policies and security program are continuously reviewed to ensure compliance.
HIPAA compliance is a shared responsibility. Customers must follow industry standards for SaaS tools and enforce organizational policies to meet HIPAA requirements internally.