
Security, Privacy, & Trust at Presidium Health
We protect patient data—and earn the confidence of patients, providers, and partners—every day.
Patients invite us into their lives and homes. Providers rely on us to support continuity of care. Health plans depend on us to operate responsibly within complex regulatory environments. Protecting that trust is central to everything we do.
Our Philosophy on Care, Privacy, & Trust
Care, privacy, and trust are inseparable. Security is not about restriction—it is about responsibility.
Patient-centered
We protect personal information with the same intention we bring to care: thoughtfully, consistently, and with accountability.
Partner-ready
We operate with discipline and transparency, supporting the expectations of providers and health plans across contracting, compliance, and audit needs.
Our Commitment to Patients and Partners
Presidium’s ecosystem is designed to protect sensitive health information while enabling compassionate, coordinated, and high-touch care.
For patients and families
Personal and health information is respected, safeguarded, and used purposefully to support care.
For providers and health plan partners
We operate with systems built for reliability at scale, supported by governance and continuous oversight.
SOC 2 Type II Attestation
Presidium Medical Group has completed a SOC 2 Type II examination, demonstrating that the controls governing its clinical operations were independently assessed over an extended audit period. These controls help support data integrity, continuity of care, and reliable coordination across high-risk patient populations where accuracy and availability matter most.
The SOC 2 Type II report for Presidium Medical Group is a core component of our enterprise due diligence posture and is available to qualified partners upon request under an appropriate non-disclosure agreement.
Built for Health Plan Due Diligence
We recognize the responsibility health plans carry—and we design our controls to support it.
We understand the expectations of health plans, governmental agencies, and regulated partners. Our program supports structured due diligence reviews by providing clarity around control ownership within the Presidium system, vendor and subservice organization oversight, data handling practices, and incident response responsibilities.
Access Governance
Role-based access controls, provisioning workflows, and regular access reviews ensure that systems are accessed only by authorized personnel.
Vendor & Subservice Oversight
Third-party vendors are evaluated through documented risk assessments, contractual safeguards, and ongoing monitoring.
Incident Response
Defined escalation paths, investigation procedures, and remediation protocols support timely and accountable incident management.
Operational Monitoring
Continuous monitoring and periodic reviews help ensure controls remain effective as the organization scales.
Compliance-Aligned by Design
Compliance is treated as an operational capability—not a checkbox—embedded into workflows, training, and governance.
Our security program is designed to align with healthcare regulatory expectations, including HIPAA-related administrative, technical, and physical safeguard principles. While SOC 2 is not a HIPAA certification, the underlying controls support the confidentiality, integrity, and availability requirements expected in healthcare environments.
Beyond frameworks, compliance is reinforced through people and process—ongoing training, clear accountability, and operational governance embedded into day-to-day workflows.
Request the SOC 2 Report
For health plan partners conducting formal due diligence, the SOC 2 Type II report for Presidium Medical Group is available upon request.
- Non-disclosure agreement required
- Shared through secure channels
- Contextual walkthrough available upon request
Our team is happy to walk through the report, discuss control ownership, and answer questions as part of your review.
To request access: security@presidiumhealth.com