Trust and Security

Our Commitment to Data Protection

At Kythera Labs, trust is foundational to our mission of helping our customers unlock value from real-world data. We protect every dataset, model, and workflow through rigorous security, privacy, and compliance programs built to meet and exceed industry standards.

We continuously monitor and strengthen our security posture, ensuring that our customers’ data and their patients’ data remain safe, private, and reliable.

Security

Kythera Labs applies a defense-in-depth strategy to safeguard data across all environments, from infrastructure to application.

Our controls are aligned with leading frameworks, including NIST 800-53, NIST CSF, and ISO 27001. Key elements of our security program include:

  • Access & Identity Management: Multi-factor authentication, role-based access control (RBAC), and least-privilege enforcement.
  • Encryption: AES-256 encryption at rest and TLS 1.2+ encryption in transit.
  • Threat Detection: 24/7 monitoring and a tested incident response plan.
  • Cloud Infrastructure: Hosted in secure AWS and Databricks environments with continuous vulnerability scanning.

Compliance

Kythera Labs is proud to have achieved SOC 2 Type II certification, verifying the effectiveness of our security controls. Our compliance framework also aligns with HIPAA and the OIG’s Seven Elements of an Effective Compliance Program, ensuring ethical and regulatory integrity at every level.
Customers may request access to our current SOC 2 Type II report by contacting compliance@kytheralabs.com.

Privacy

We apply strict data governance and HIPAA-aligned privacy practices throughout the data lifecycle.

Our data preparation processes include automated de-identification, tokenization, and cleansing before any data enters our Wayfinder platform.

Kythera does not store or process data outside the United States. All infrastructure, support, and services are U.S.-based.

Transparency & Partnership

We believe trust is earned through transparency.

Our Security and Compliance teams partner with customers to support security assessments, risk reviews, and procurement processes.

Service-level agreements ensure 99.9% data availability and prompt response to critical issues.
For additional details, download our Security & Compliance Posture (PDF) or contact us at compliance@kytheralabs.com.
