Terms and conditions

Security and EHR Certifications

Every year Lumeon undergoes a full external information security audit aligned to the ISO27001:2013 standard. We are accredited by SGS who review our systems and security to ensure that we are complying with our policies and have no single points of failure in the organisation – either on process, technology or people. Everything is documented and tested and all staff undergo regular training to remain up to date. We deal with business-critical data so you can rely on the fact that we take this responsibility seriously.

ISO 27001

SOC 2

Lumeon has successfully completed a Type II Service Organization Control (SOC 2) examination. This certification marks Lumeon’s SOC 2 compliance since August 2020 and reflects an audit period of March 1 to September 30, 2021.

SOC 2 certification is the leading industry standard for evaluating vendor security management. By completing the certification, Lumeon demonstrates that potential customers can access a full, objective assessment of its platform’s security and compliance performance.

SOC 2 certification

 

Epic EHR App Orchard

Lumeon is a validated app in the Epic App Orchard allowing real time, bidirectional data exchange between the Epic EHR and the Lumeon platform.

Epic App Orchard

 

Cerner EHR Code

Lumeon is a validated app in the Cerner open developer experience program allowing real time, bidirectional data exchange between the Cerner EHR and the Lumeon platform.

Cerner open developer

 

 

 

Privacy Shield

Lumeon is certified under the EU-US Privacy Shield. View the certification here.

 

Two-factor authentication

We can send an SMS message to the mobile phone number of the user attempting to log in, or an email to their registered email address with security token, to verify their identity.

 

HIPAA

Lumeon is committed to protecting the privacy of our clients’ patients’ personal health information. Part of that commitment is complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires us to take additional measures to protect personal information and to inform our clients about those measures. If you would like more detailed information, please contact privacy@lumeon.com.

 

HSCN (formerly N3)

Lumeon is hosted in a secure HSCN compliant and ISO27001 datacentre using one of only a handful of hybrid HSCN approved data architectures. We also support two-factor identification and data encryption to NHS standards.