NCCN Clinical Practice Guidelines in Oncology (NCCN Guidelines®) for Survivorship

Privacy & Security

Rest Assured, Your Data is Secure

SOZO® Digital Health Platform Architecture Diagram

ImpediMed’s devices and software solutions meet the highest standards of industry and regulatory requirements.

Contact Us

Impedimed Security Architecture Diagram

EHR Interface

  • Access SOZO data directly from your EHR system in real-time.
  • Save time and gain workflow efficiency
  • Ensure data reporting accuracy


EHR Interface

Certification & Compliance Documents

Review and download privacy, security, and compliance certificates here or contact us for support.

HiTrust CSF® (Certification v9.3) and HIPAA Compliance

SOZO Security Overview

SOZO 3rd Party Penetration Testing Summary

SOZO Architecture Diagram, MFA & SSO

Privacy Impact Assessment

Privacy Policy

Privacy & Security of Data

To provide safe and reliable access to the data, SOZO Digital Health Platform offers the following security and privacy features.

  • Requires SOZO users to have complex application passwords
  • End-User Multi-Factor Authentication(MFA)
  • Ability for the end users (clinician and administrator) to reset their own password
  • Configurable password lockout period and password expiration time
  • Active Directory FS and Azure AD SSO Integration
  • Ability to create multiple administrator accounts
  • No data resides on the SOZO Device or the Tablet
  • Data in motion and Data at rest are encrypted
  • Availability of detailed user-logs via user interface
  • High availability and enhanced encrypted data back-up
  • Segregated virtual private network for different objects in the architecture
  • Access to ImpediMed SOZO infrastructure restricted to authorized users with 2-factor authentication
  • HIPAA Business Associate compliant. Have implemented the following security and privacy controls
    • Security Standards (45 C.F.R. § 164.306)
    • Administrative Safeguards (45 C.F.R. § 164. 308)
    • Physical Safeguards (45 C.F.R. § 164.310)
    • Technical Safeguards (45 C.F.R. § 164.312)
    • Organizational Requirements (45 C.F.R. § 164.314)
    • Policies and Procedures (45 C.F.R. § 164.316)
    • Notification to the Secretary (45 C.F.R. § 164.410)
    • General Rules; Uses and Disclosures of PHI (45 C.F.R. § 164.502)
    • Organizational Requirements; Uses and Disclosures (45 C.F.R. § 164.504)
  • HITRUST Certified. Privacy and Security compliance achieved in the 19 domains of HITRUST Security Framework

Download Privacy & Security (US)

Download Privacy & Security (OUS)

Contact Us

Questions about privacy and security for SOZO Digital Health Platform? Contact us for more information.