Our Commitment to Security
At OneCred, protecting provider and organizational data is at the core of everything we do. We maintain rigorous internal controls and undergo independent third-party audits to ensure that our systems and processes meet the highest standards for data security and privacy.
SOC 2 Type II Compliance
OneCred has achieved SOC 2 Type II compliance, demonstrating that our information security practices, policies, and procedures meet the strict standards for security, availability, and confidentiality.
Our audit was conducted by an independent firm and covers our credentialing and provider data management platform, infrastructure, and supporting operations.
HIPAA Compliance
In addition to SOC 2, OneCred is HIPAA compliant, meaning our systems and workflows are designed and validated to protect Protected Health Information (PHI) in accordance with U.S. healthcare privacy laws.
Practitioner Rights & Responsibilities
Practitioner Rights & Responsibilities
Review of Information:
Applicants may review and correct information submitted for credentialing upon request. OneCred responds to credentialing inquiries within 5 business days, except for references, recommendations, and peer-review protected information.
To request a review or correction, contact Teresa Summers: tsummers@onecred.com.