Your data’s security means everything to you. Us too.

We don’t consider security just another feature. It’s the foundation of everything we do.

And for good reason: we built Steer Health for the complex security needs of healthcare. We understand how important the responsibility of safeguarding this data is to our customers.


How We Protect You

Steer is designed with multiple layers of protection across a distributed, reliable infrastructure. You can chat with patients knowing that Protected Health Information (PHI) is secure.

We encrypt all data, both in transit between our apps and servers, and at rest using the latest recommended secure cipher suites and protocols.

Universal employee background checks, recorded logs of every touchpoint, and role-based permissions on restricted areas are just a few of the ways we keep you safe. Meanwhile, tools like custom password policies, SSO, and two-step verification help protect your account from unwanted access.

End-to-End Encryption

Messages are stored on isolated Steer servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between our users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.

How We Protect Patient Privacy

It’s our highest priority to protect patient data from unauthorized access. Robust policies and controls safeguard the collection, use, and disclosure of PHI.

We place strict controls over our own access to production data within Medchat. Only select senior staff have security clearance to access the systems that store and process Customer Data, and only when absolutely necessary. Technical controls ensure that any access to Customer Data is logged.

Internal & External Application Security Testing

Our engineering team regularly performs automated and manual application security testing. Their mission? To identify and patch potential security vulnerabilities and bugs in our application.

We also work with third-party security specialists via a sophisticated bounty program. This means the Medchat application consistently undergoes rigorous testing by some of the top security experts in the world.

HIPAA and HITECH Compliance

As a healthcare technology company, we operate in accordance with all applicable privacy and data protection laws, including HIPAA and HITECH. Medchat signs a Business Associate Agreement (BAA) with every customer and a custom BAA and Master Service Agreement (MSA) with enterprise clients.

We adhere to regulatory and legislative compliance requirements, enforcing our commitment to the highest standards.

Data centers where PHI is stored hold HIPAA/HITECH, HITRUST, ISO 27001, ISO 27017, SOC 1, SOC 2, and SOC 3 compliance.


See what others are saying

Kishori Somyreddy, Medical Director, Neuro Associates of Texas
Steer has brought an efficient customer support service no matter how many requests our team may have had, allowing us to solve many issues of each patient in a personalized way!
Thomas S, CIO, Virginia Care
This is a no-brainer if you want to take your healthcare organization to the next level.
