360 Advanced Logo Image
Connect with Us
360 Advanced Logo Image
Connect with Us
Discover how Luma Health’s compliance program is differentiating them in their industry
Read the case study
Healthcare
SOC 2 Type 2; HITRUST; Penetration Testing; ISO 27001
Luma Health is the creator of the world’s first digital Patient Success Platform™, which connects and orchestrates all of the steps in the patient journey, along with all the operational workflows and processes in the healthcare ecosystem.

650+

healthcare organizations on their platform

50+

million patients served

Opportunity

When Nick Lees became the Director of Information Security and Compliance at Luma Health, the company had seen an increase in client requests for their standards and compliance certifications. They already had their SOC 2 Type 2 assessment and were interested in adding in HITRUST CSF. Nick recognized the opportunity to not only do that, but to implement a more thorough and robust compliance program that could help Luma attract more clients and bigger business opportunities.

Solution

Before coming to Luma Health, Nick worked jointly with 360 Advanced to provide compliance assessments and cybersecurity services for an info security program he was building at another company. He really valued 360 Advanced’s technical knowledge and collaborative nature, and knew he wanted 360 Advanced to help him build a compliance program for Luma. Luma Health has used 360 Advanced as their trusted third-party advisor since 2021.

Results

They’ve grown an industry-leading compliance program that includes SOC 2 Type 2; HITRUST; Penetration Testing; and ISO 27001 — with the ability to easily add more over time

Their sales cycles are shorter because they’re able to quickly demonstrate their compliance through 360 Advanced’s audit reports

Their wide range of compliance and security efforts increases their chances of winning new clients and bigger business opportunities

They see significant time and cost savings because they can combine their compliance efforts instead of doing each assessment individually

They have a true advisor who doesn’t just care that they’re compliant but that they’re secure, and consistently brings new ways Luma can bolster their info security efforts

The continuity of 360 Advanced’s team allows for more streamlined assessments cycle after cycle

“Our work with 360 Advanced demonstrates to our clients that we take the security and privacy of their data very seriously, and that we’re continuously trying to improve our program and stay on top of changes and emerging threats. It also boosts our business brand as well. We’re one of the only companies in our space that has HITRUST, SOC 2 and ISO 27001, and it definitely separates us, especially when we go into a sales meeting or talk to a prospect’s info security team. It gets us a seat at the table with clients who may not have considered us previously.”
Nick Lees
Director of Information Security and Compliance

Discover how our Integrated Compliance approach drives results for companies like Luma Health.

Contact us today to learn more.

Contact
Download Case Study PDF here

360 Cyber Resources

Explore a wealth of knowledge in our client stories, insightful blogs, cutting-edge white papers, and the latest press releases—your gateway to a repository of expertise and industry insights.

Blog

New HIPAA Rule Mandate: Strengthening Cybersecurity For EPHI

The latest proposed updates to HIPAA’s Security Rule seek to strengthen technical safeguards, promote risk management, and enhance accountability for covered entities (health plans, health care clearinghouses, and most health...

Press Releases

Finery Markets Completes SOC 2 Type 2 Examination, Reinforcing Its Commitment to Security and Trust

British Virgin Islands – February 5th, 2025 – Finery Markets, a leading non-custodial crypto Electronic Communication Network (ECN) and provider of institutional trading solutions, has successfully completed its SOC 2...

Blog

What Defense Contractors and Industry Affiliates Need to Know About Title 32 Final Rule

The Title 32 Final Rule marks a significant milestone in the U.S. Department of Defense’s (DoD) ongoing efforts to secure the defense industrial base (DIB) through the Cybersecurity Maturity Model...
Explore More