Nsight Health's Patient Care Intelligence Blog

Nsight PRVNT Sets the Standard with Platform-Level Certifications

Written by Crystal Garrett | May 13, 2025 6:54:47 PM

Now more than ever, security and compliance must go beyond the cloud. Many SaaS vendors lean heavily on their hosting provider’s certifications—like those held by AWS or Azure—as if they fully represent the security posture of the application itself. But let’s be clear: a secure hosting environment does not guarantee a secure application.

Why Platform-Level Certifications Matter

Certifications like SOC 2 and HITRUST don’t just evaluate servers or infrastructure—they assess the actual application handling your data. They examine how data is encrypted, how incidents are managed, and how controls are enforced across people, processes, and technology. Only platform-level certifications provide that comprehensive assurance.

Why Hosting Isn’t Enough: Lessons from Recent Breaches

Recent cybersecurity incidents show the danger of relying solely on cloud infrastructure:

  • Oracle Cloud Breach (2025): Attackers exploited a known middleware vulnerability, stealing enterprise credentials from applications built on Oracle Cloud—despite the infrastructure’s own certifications.

  • PowerSchool Hack (2024): A cloud-based education platform was breached, leaking student data including SSNs and medical alerts. The hosting infrastructure wasn't the problem—the platform’s own controls were insufficient.

These cases make it clear: the real risk lies at the application layer, not the data center.

Nsight PRVNT: Certified Confidence, Delivered Fast

At Nsight Health, we believe trust should be earned through transparency and third-party validation. That’s why our Nsight PRVNT platform achieved:

  • SOC 2 Type I certification as of December 15, 2024

  • SOC 2 Type II certification as of May 8, 2025

Moving from Type I to a full Type II certification in under five months is a rare achievement—and it underscores the strength and maturity of our security, compliance, and engineering programs.

Unlike many who rely on their hosting provider’s credentials, we pursued certification for our platform itself—the system you and your patients interact with every day.

Raising the Bar: HITRUST r2 Underway

We are currently in the process of achieving HITRUST r2 certification, one of the most comprehensive and widely adopted frameworks in the healthcare industry. This effort reflects our continued dedication to building trust through strong, measurable, and repeatable security and privacy practices that meet both HIPAA and NIST-based standards.

Don’t be misled by “we’re on AWS” or “our infrastructure is compliant.” Ask the real question: Is the platform certified? Nsight PRVNT is—and we’re proud to lead the way.

To learn more about RPM devices and CCM through Nsight, click HERE to schedule a demo today. Whether you are a patient or provider looking to learn more about RPM, we would love to hear from you. 

 
View full post