Healthcare Blocks last conducted an internal risk assessment in August 2023.
The CAIQ v4 report is based on the Cloud Controls Matrix (CCM), a cybersecurity control framework for cloud computing aligned to the Cloud Security Alliance's de-facto standard for cloud security and privacy. The framework maps to well-known standards such as ISO 27001/27002/27017/27018 and NIST 800-53r5.
In addition, Amazon Web Services, the cloud service provider of the infrastructure services utilized by Healthcare Blocks, has its own risk assessment artifacts available upon request. These documents require the execution of a non-disclosure agreement with AWS.