Smith and Hith IT consulting services

Your Data is Handled with Clinical-Grade Care

We design every layer of our infrastructure and operations around one principle: protecting the data entrusted to us by patients, clinicians, and institutions.

HIPAA Compliant • SOC 2 Type II • ISO 27001 • HITRUST CSF • TLS 1.3 Encryption • 99.9% Uptime SLA

Security Built Into Everything

Zero-trust architecture
Encryption everywhere
Least privilege access
Continuous monitoring
Regular penetration testing
Audit-ready logging

Certifications & Compliance

HIPAA compliant for PHI handling
SOC 2 Type II annual audits
ISO 27001 certified
HITRUST CSF r2 certified

Operational Security Controls

Mandatory MFA
EDR with CrowdStrike Falcon
Patching within 7 days
Vendor risk reviews
Quarterly phishing simulations
Background checks for staff

Performance Metrics

99.97% uptime last 12 months
<18 min Mean Time to Detect
100% annual security training completion
0 PHI breaches reported to HHS since founding

Data Handling & Privacy

PHI, logs, service data, analytics, and staff records are managed with strict retention, access control, encryption, and transparency policies.

We never sell your data.

Incident Response

A documented and regularly tested incident response plan ensures rapid containment, investigation, remediation, and stakeholder communication when issues arise.

Web Security