Data security is our priority

When it comes to your customer’s data, security always comes first. Above all else, Loyal ensures confidentiality of every piece of electronic protected health information (ePHI) we touch.


Robust policies and controls safeguard the collection, use and disclosure of PHI. Within the Loyal platform, we encrypt all data in transit between our hard drives and servers and at rest. As a safeguard, Loyal assumes all data may contain ePHI, even though our Risk Assessment doesn’t indicate this is the case, and provides appropriate protections based on that assumption.


As providers of hosted infrastructure, Loyal maintains compliance, proactively addresses information security and mitigates risk.

Loyal’s cloud-based software is managed through an extremely strong security program dedicated to ensuring customers have the highest confidence in our management of their data. Our security program was constructed using HIPAA guidelines as well as the HITECH and HITRUST Common Security Framework.


At our sole discretion, Loyal shares audit reports, including HITRUST reports and Corrective Action Plans (CAPs), with customers on a case-by-case basis. All audit reports are shared under explicit NDA in Loyal format (unless the parties already have an existing NDA) between Loyal and party to receive materials. Audit reports can be requested by Loyal workforce members for Customers or directly by Loyal Customers.

For more information on how we protect you and your patient’s security, contact us here.