SOC 2 Type II
Independently audited every year. Our current report is available under NDA to prospective and existing enterprise customers.
Request the reportSecurity & Trust
Security and trust at Psych Hub.
How we protect data and earn the confidence of the organizations we serve — written for procurement teams and security reviewers.
Our security posture.
Data privacy
Psych Hub is a clinical-education platform. We collect no patient data to deliver training, and we don't sell personal information.
Read our privacy policyEncryption
We protect data in transit and at rest using industry-standard safeguards.
Subprocessors
We rely on a focused set of infrastructure and service providers, published in our subprocessor disclosure.
See our subprocessorsSOC 2 Type II
Psych Hub maintains a SOC 2 Type II report, audited annually by an independent firm. The current report is available under NDA to prospective and existing enterprise customers. To request it, email security@psychhub.com.
HIPAA & Business Associate Agreements
Psych Hub is a clinical-education platform — it delivers training to behavioral-health professionals and requires no patient data or Protected Health Information (PHI) for standard use. Because of that, HIPAA generally does not apply to how our platform is used. For specific customer engagements that do involve PHI, Psych Hub may enter into a Business Associate Agreement (BAA); contact us to discuss your requirements.
Data handling and privacy
We collect only the information needed to operate our website and deliver our services, and we never sell personal information. Data is protected in transit and at rest using industry-standard safeguards. Our Privacy Policy explains what we collect and how we use it, and our Subprocessor Disclosure Statement lists the providers that support the platform.
Reporting a vulnerability
If you believe you've found a security vulnerability in a Psych Hub product, email security@psychhub.com with details and steps to reproduce. We review every report and coordinate responsible disclosure. We don't currently operate a paid bug-bounty program.
Need documentation for a security review?
We share our SOC 2 Type II report and answer security questionnaires for prospective and existing customers. Reach our security team directly.