SRS
Summit Radiology Services
Radiology Management Portal

Security & compliance

Summit Radiology Services operates under a HIPAA-aligned security program. A SOC 2 Type II examination is in progress; we are not yet certified. Production systems currently run under a controlled security program that covers access control, encryption at rest and in transit, audit logging, and vendor review. A BAA is available on request for covered entity customers. Questions about the security posture should be directed to the contact page.

Program scope

The Summit Radiology Services security program covers the following controls across production systems and vendor relationships:

  • Role-based access control with least-privilege defaults and periodic review.
  • Encryption at rest and in transit for application data and backups.
  • Audit logging for authentication events and privileged actions.
  • Vendor and sub-processor review before production data is shared.