Vibrent Health has announced that its software-as-a-service (SaaS) precision medicine platform was granted Authority to Operate (ATO) by the National Institutes of Health (NIH).
This certification validates that Vibrent’s Learning Health System (LHS) meets government’s most stringent data security and privacy standards. It also makes the commercial off-the-shelf (COTS) technology platform available to federal, state, and local government agencies as well as commercial customers.
Our government and commercial customers are facing significant security challenges and depend on Vibrent Health to protect their health data and the privacy of their users. Government agencies and commercial customers can now use Vibrent’s secure and robust precision medicine technology platform to rapidly expand their health programs through a SaaS business model, while reducing cost and duplication. Chosen through a national competitive process from dozens of leading academic and industry organizations, Vibrent is the sole technology platform powering the NIH’s precision medicine initiative, the AllofUs Research Program (AoURP). This groundbreaking effort aims to engage more than one million participants to understand how genomics, lifestyle, behavioral, and environmental factors impact an individual’s health.
“This ATO certification marks a significant milestone for Vibrent in its journey to power the next generation of personalized medicine,” said Praduman Jain, founder and CEO of Vibrent Health. “Our technology infrastructure is fully vetted and available to organizations that require the highest levels of mission-critical security including Department of Defense (DoD), Department of Veterans Affairs (VA), Centers for Medicare and Medicaid Services (CMS), Department of Health and Human Services (HHS), National Cancer Institute (NCI), as well as commercial customers. This ATO will continue to fuel our company’s growth and rapid expansion.”
Vibrent received its ATO certification in record seven months. The company worked with Coalfire, a third-party assessment organization (3PAO), to develop and implement robust security plans, policies, procedures, scanning, SSP, and pen testing, per FISMA risk management framework, to ensure the security and integrity of Vibrent’s platform. With this assessment, Coalfire confirmed that Vibrent Health has the required management, operational and technical security controls in place to mitigate risk and provide a secure environment for government agency federal systems, bureaus, departments, and their supporting entities.
Vibrent LHS’ security and compliance framework now covers FISMA Low and Moderate, FIPS 200, SP800-53 revision 4, SP800-37, NIST technical security controls, HIPAA, ISO 13485, ISO 9001, ISO 14971, ISO 62366, FDA HE 75, FIPS 140-2, and SAS-70 type II.
“Vibrent wanted a knowledgeable partner that would make this process efficient, cost-effective, timely and improve their security posture beyond just their compliance requirements,” said Kennet Westby, founder and Chief Strategist, Coalfire. “Our successful partnership with Vibrent Health underscores our proven ability to help customers effectively manage risk and maintain compliance with some of the industry’s most complex security standards. We were pleased to help Vibrent meet all of their goals and support this very important strategic project for the company.”
Vibrent’s flexible platform creates personalized health journeys for users. By combining data from multiple sources including genomics, environment, bio-markers, lifestyle, behaviors, wearables, electronic health records, medical devices, and patient-reported outcomes, Vibrent delivers evidence-based insights to help people live healthier lives. In addition to NIH, Vibrent is trusted by industry leaders such as Johns Hopkins, American Academy of Dermatology (AAD), Roche, Janssen (a company of Johnson and Johnson), Stanford, Veterans Administration, United Health Group, and Medtronic.