Wildflower Health Achieves HITRUST r2 Certification and SOC 2 Type II Certified Platform, Demonstrating Commitment to Cybersecurity and Information Protection

Certifications validate Wildflower is meeting rigorous cybersecurity and data protection standards through independent assessment and assurance.

 

HITRUST r2 Certification

Wildflower Health has earned certified status from HITRUST for cybersecurity and information protection with the HITRUST r2 Certification for its Wildflower Production System and platform. The HITRUST Certification demonstrates that Wildflower has met requirements defined by leading cybersecurity and regulatory frameworks, confirming that strong controls are in place to protect sensitive data and manage risk effectively.

Wildflower has held HITRUST certifications from 2020 through 2025.

Built on the HITRUST Assurance Program, this achievement reflects independent third-party testing, centralized quality assurance, and certification backed by HITRUST’s Cyber Threat-Adaptive engine. These elements ensure continuous alignment with the latest threat intelligence and evolving standards across NIST, ISO, and OWASP.

 

SOC 2 Type II Certified Platform

SOC, which stands for System and Organizational Controls, is a framework developed by the American Institute of Certified Public Accountants (AICPA) for the purpose of providing regular, independent attestation of the controls that a company has implemented to mitigate information-related risk.

In a SOC 2 audit, organizations describe the policies, procedures, and systems in place to protect information across five categories called Trust Services Criteria. The categories are: Security, Availability, Processing Integrity, Confidentiality, Privacy. And independent auditor evaluates the evidence supplied for the controls in each category. Passing the audit and receiving the SOC 2 certification assures customers and business partners that their data will be handled securely.

Wildflower has held SOC 2 certifications in 2023, 2024 and 2025.

SOC 2 Type II audits attest to both the design and the operating effectiveness over a period of time. This type of SOC audit provides assurance of not just how systems are set up, but how they are used on a day-to-day basis.

Wildflower completed its SOC 2 and HITRUST examination with the guidance of third-party audit firm A-LIGN. This comprehensive, globally recognized attestation validates Wildflower’s commitment to critical security standards to protect and secure client data.