360 Advanced Logo Image
Connect with Us
360 Advanced Logo Image
Connect with Us
Discover how Luma Healthโ€™s compliance program is differentiating them in their industry
Read the case study
Healthcare
SOC 2 Type 2; HITRUST; Penetration Testing; ISO 27001
Luma Health is the creator of the worldโ€™s first digital Patient Success Platformโ„ข, which connects and orchestrates all of the steps in the patient journey, along with all the operational workflows and processes in the healthcare ecosystem.

650+

healthcare organizations on their platform

50+

million patients served

Opportunity

When Nick Lees became the Director of Information Security and Compliance at Luma Health, the company had seen an increase in client requests for their standards and compliance certifications. They already had their SOC 2 Type 2 assessment and were interested in adding in HITRUST CSF. Nick recognized the opportunity to not only do that, but to implement a more thorough and robust compliance program that could help Luma attract more clients and bigger business opportunities.

Solution

Before coming to Luma Health, Nick worked jointly with 360 Advanced to provide compliance assessments and cybersecurity services for an info security program he was building at another company. He really valued 360 Advancedโ€™s technical knowledge and collaborative nature, and knew he wanted 360 Advanced to help him build a compliance program for Luma. Luma Health has used 360 Advanced as their trusted third-party advisor since 2021.

Results

Theyโ€™ve grown an industry-leading compliance program that includes SOC 2 Type 2; HITRUST; Penetration Testing; and ISO 27001 โ€” with the ability to easily add more over time

Their sales cycles are shorter because theyโ€™re able to quickly demonstrate their compliance through 360 Advancedโ€™s audit reports

Their wide range of compliance and security efforts increases their chances of winning new clients and bigger business opportunities

They see significant time and cost savings because they can combine their compliance efforts instead of doing each assessment individually

They have a true advisor who doesnโ€™t just care that theyโ€™re compliant but that theyโ€™re secure, and consistently brings new ways Luma can bolster their info security efforts

The continuity of 360 Advancedโ€™s team allows for more streamlined assessments cycle after cycle

โ€œOur work with 360 Advanced demonstrates to our clients that we take the security and privacy of their data very seriously, and that weโ€™re continuously trying to improve our program and stay on top of changes and emerging threats. It also boosts our business brand as well. Weโ€™re one of the only companies in our space that has HITRUST, SOC 2 and ISO 27001, and it definitely separates us, especially when we go into a sales meeting or talk to a prospectโ€™s info security team. It gets us a seat at the table with clients who may not have considered us previously.โ€
Nick Lees
Director of Information Security and Compliance

Discover how our Integrated Compliance approach drives results for companies like Luma Health.

Contact us today to learn more.

Contact
Download Case Study PDF here

360 Cyber Resources

Explore a wealth of knowledge in our client stories, insightful blogs, cutting-edge white papers, and the latest press releasesโ€”your gateway to a repository of expertise and industry insights.

Press Releases

StationMD Successfully Completes SOC 2 & SOC 3 Examinations, Reinforcing Commitment to Data Security in Telehealth for the I/DD Community

Maplewood, New Jersey – April 18TH, 2025 – StationMD, a leading telehealth provider dedicated to individuals with intellectual and developmental disabilities (I/DD), has successfully completed both a SOC 2 and...

Press Releases

SOC 2 Success Highlights Meperiaโ€™s Dedication to Safeguarding Client Data

Vero Beach, Florida – April 17h, 2025 – Meperia, a leading innovator in cost management and revenue enhancement solutions for the healthcare supply chain, has successfully completed its SOC 2...

Blog

Don’t Get Burned: 5 Things to Know Before You Choose a Cybersecurity Vendor

Cybersecurity and compliance are essential components for any business that deals with personal / sensitive data or simply wants to harden their online assets. With this imperative of the digital...
Explore More