Healthcare Blocks last conducted an internal risk assessment in July 2022.
Customers can access several artifacts (see attached PDF's below) that provide details about the security practices and controls implemented by Healthcare Blocks:
- The CAIQ v4 report is based on the Cloud Controls Matrix (CCM), a cybersecurity control framework for cloud computing aligned to the Cloud Security Alliance's de-facto standard for cloud security and privacy. The framework maps to well-known standards such as ISO 27001/27002/27017/27018 and NIST 800-53r5.
- The NIST Controls report is extracted from the Clearwater Compliance IRM|Analysis platform and summarizes the NIST Cybersecurity Framework controls implemented by Healthcare Blocks.
In addition, Amazon Web Services, the cloud service provider of the infrastructure services utilized by Healthcare Blocks, has its own risk assessment artifacts available upon request. These documents do require the execution of a non-disclosure agreement with AWS.