Vim Achieves HITRUST Risk-based, 2-year Certification Demonstrating the Highest Level of Information Protection Assurance - Vim
Press Releases
  • Vim Achieves HITRUST Risk-based, 2-year Certification Demonstrating the Highest Level of Information Protection Assurance

Vim Achieves HITRUST Risk-based, 2-year Certification Demonstrating the Highest Level of Information Protection Assurance

NEW YORK, (November 7, 2023)Vim, the leading point-of-care connection platform in U.S. healthcare has earned certified status for information security by HITRUST for the second time, further validating its commitment to the highest compliance and information security standards. 


HITRUST Risk-based, 2-year (r2) Certified status demonstrates that the organization’s point-of-care connection platform and its underlying EHR connectivity technology have met demanding regulatory compliance and industry-defined requirements and the company is appropriately managing risk. 


This achievement places Vim in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.


“HITRUST Certification is the most prestigious certifiable security framework for the healthcare industry and the standard of trust among Fortune 500 companies,” said Oron Afek, CEO of Vim. “Achieving this re-certification is just another assurance for our customers and partners that our systems are as secure as possible according to these rigorous and widely-regarded standards.”


Vim operates under strict security practices designed to protect customers, partners, and staff during an unprecedented time of cyber-attacks. HITRUST standards are uncompromising, consisting of a multitude of quality assurance checks, both automated and manual.


“This achievement is a culmination of continuously nurturing Vim’s culture of security and direct effort across our entire organization to uphold, asses, and enhance our internal security programs,” said Nandy Vaisman, VP of Operations and CISO at Vim. “We are pleased to demonstrate to our customers the highest standards for data protection and information security in an industry that handles significant volumes of PII, ePHI, and other sensitive data.”


“The HITRUST Assurance Program is rigorous and reliable because of the comprehensiveness of control requirements, depth of review, and consistency of oversight,” said Bimal Sheth, Executive Vice President, Standards Development & Assurance Operations, HITRUST. “HITRUST Risk-based, 2-year (r2) Certification demonstrates Vim is taking the most proactive approach to cybersecurity, data protection, and risk management.”     


In addition to upholding our HITRUST Risk-based, 2-year Certification, Vim also successfully passed the rigorous external audit of SOC 2 Type II, a cybersecurity compliance framework developed by the American Institute of Certified Public Accountants (AICPA), and is nearing completion of the 2023 audit. By leveraging the collaboration between AICPA and HITRUST, Vim has achieved and will continue to maintain the highest level of security and assurance in the healthcare industry.


About Vim

Founded in 2015, Vim connects data to workflow at health care’s “last mile”: within clinical operations and at the point of patient care. Health plans and medical providers of every size – from independent practitioners to integrated delivery systems – use Vim software to connect data and care across the health system. Vim’s mission is to power affordable, high-quality health care through seamless connectivity. For more information, visit


Vim Contact: D’Anna Siegle, Director of Content Marketing, Vim

Email: [email protected]