Industry-Leading Processes You Can Count On—

Keeping you compliant and patient data secure.

The careMESH platform was built from the ground up to deliver a rigorous, compliant and user-friendly identity-proofing process that ensures all active users have their identity validated BEFORE gaining access to patient data.

Our Information Security Program is compliant with ISO 27001 leveraging our ISO 9001-compliant Quality Management System (QMS). All careMESH services comply with and exceed the requirements of HIPAA and NIST 800-63 and appropriate components are certified according to CEHRT 2015.  


Our customers can rest assured that:

  • Enterprise customers are enrolled with strong procedural and technical processes meeting or exceeding all of the above standards.

  • Individual clinician enrollments combine smart multi-factor Identity Proofing (IDP) that includes the licensed provider’s official name, NPI number (from official government licensing sources), PLUS last 4 of SSN, Mobile Phone and DOB.

  • Patient Data, such as medical records and PHI included in messages, can only be sent to individuals via a Direct Protocol address or to individuals listed in the careMESH National Provider Directory and who complete the identity proofing process.

Security Shield With Fingerprint