Multi-Health Systems operate an Information Security Management System that conforms to the requirements of ISO/IEC 27001:2013.

MHS adheres to the regulations set forth by the Family Educational Rights and Privacy Act of 1974 (FERPA). Under FERPA, parents or eligible students have the right to review the student’s education records maintained by the school. For information on MHS’s FERPA policy, click here.

Policy of adherence to the regulations set forth by the United States Congress in the Health Insurance Portability and Accountability Act (HIPAA).

Policy of adherence to the regulations set forth by the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA establishes guidelines and principles on how individual personal information is collected, used, and disclosed.

MHS complies with the iKeepSafe Privacy Program and received California Student Privacy Certification (CSPC). MHS also complies with the guidelines of the California Consumer Privacy Act (CCPA).

FAQ on the General Data Protection Regulation (GDPR), for MHS clients and/or distributors located in the EU or working with clients located in the EU.

MHS adheres to the COPPA privacy principals and MHS sites are not directed to children under 13 years of age. For more information regarding COPPA and online privacy, please see the COPPA website.

Policy statement on the standards developed to break down barriers and increase accessibility for persons with disabilities in the areas of information, communications, and employment.

MHS complies with the guidelines of the Student Online Personal Information Protection Act (SOPIPA) and agrees to maintain the security and confidentiality of pupil records, delete student information when requested, and not disclose student information unless required by law.

MHS complies with the requirements of the UK Cyber Essentials Scheme. This certification indicates MHS takes a proactive stance against malicious cyber attacks.

Multi-Health Systems, Inc. (MHS) understands the importance of complying with established operational, technological, and security policies related to criminal justice information systems and services. As a provider of solutions used by the criminal justice community, MHS may capture and process data or information classified as criminal justice information (CJI). Recognizing that these systems must comply with the requirements of the Criminal Justice Information Services Security Policy (CJISSECPOL), which is the national standard for protecting CJI, MHS is committed to adhering to all policies as required to process or store CJI.

Additionally, MHS’ compliance with the requirements set forth by CJISSECPOL contributes to maintaining the operational integrity and security of interconnected criminal justice information systems critical to ensuring public safety. Demonstrating compliance allows MHS to maintain the trust of the national criminal justice communities.

MHS validates our commitment to critical security standards to protect and secure client data by obtaining SOC 2 examination