Data Security, Privacy, and Compliance at BetterMynd
Data security and privacy are of the utmost importance. Our conscientious, comprehensive strategy mitigates both human and software threat vectors to protect your and your students’ valuable data.
Compliance
BetterMynd has successfully completed its Systems and Organizational Control (SOC) 2 Type 2 examination. In doing so, BetterMynd maintains its adherence to one of the most stringent, industry-accepted compliance frameworks for service organizations and provides additional assurance to its campus partners, through an independent auditor, that its business process, information technology and risk management controls are properly designed and operating as intended.
We are also able to provide a HECVAT (Higher Education Community Vendor Assessment Toolkit) which provides a detailed picture of our cybersecurity, privacy, IT accessibility, and compliance standards.
Accessibility
At BetterMynd, we want to create a platform that is accessible to all users. On an annual basis, we conduct an accessibility self-assessment, using the VPAT and WCAG 2.2., Level AA guidelines. This ensures the platform and digital experience are accessible to all, including those who use screen readers and assistive technologies.
Our Accessibility Statement can be found here.
Terms of Service & Privacy Policy
Our Terms of Service and Privacy Policy can be found here.
Confidentiality
BetterMynd complies with all applicable regulations (e.g. FERPA, HIPAA). All teletherapy sessions are conducted using Zoom, ensuring a HIPAA-compliant solution for these sensitive conversations. Counselors use electronic health records and do so in accordance with applicable federal and state laws and ethical codes. Counselors seek an authorization for the release of information to disclose confidential information with exceptions for judicial subpoenas, imminent risk, duty to warn, and in applicable mandated reporting situations such as suspicion of child abuse.
