Security & Compliance
Rounds handles protected health information with the same rigor you expect from your EHR. Security is foundational, not an afterthought.
HIPAA Compliance
Rounds meets all HIPAA requirements for protected health information. Business Associate Agreements are available for all customers.
SOC 2 Type II
Our infrastructure and processes are independently audited for security, availability, and confidentiality controls.
ISO 27001
Rounds maintains ISO 27001 certification, the international standard for information security management systems (ISMS).
Encryption at Rest
All patient data is encrypted at rest using AES-256 encryption in secure, redundant data centers.
Encryption in Transit
All data transmitted between patients, providers, and our systems is protected with TLS 1.3.
Access Controls
Role-based access controls ensure that patient data is only accessible to authorized clinical staff.
Audit Logging
Comprehensive audit trails track all access to patient data for compliance and security review.
Have Security Questions?
Our security team is available to answer questions and provide documentation for your compliance review.