DPC Summit 2026Webinar with DPC Alliance Self Fund Summit 2026Spruce PartnershipHint Partnership
Legal

Security Vulnerability Disclosure

Last Updated: June 15, 2026

Introduction

At HealthCompiler, we take the security and privacy of our customers, partners, and users seriously. We are committed to maintaining the confidentiality, integrity, and availability of the data entrusted to our platform.

Report a Security Vulnerability

If you believe you have discovered a security vulnerability in a HealthCompiler product, service, application, or website, we encourage you to responsibly disclose it to our security team.

1

How to Report a Vulnerability

Please submit your findings by emailing our security team:

Email: security@healthcompiler.com

To help us investigate and resolve the issue as quickly as possible, please include the following information:

  • Description of the vulnerability
  • Affected product, service, URL, or system
  • Steps required to reproduce the issue
  • Potential impact of the vulnerability
  • Supporting evidence such as screenshots, logs, or proof-of-concept details
2

Our Commitment

Upon receiving a vulnerability report, HealthCompiler will:

  • Acknowledge receipt of the report within a reasonable timeframe
  • Review and validate the reported issue
  • Assess the severity and potential impact
  • Prioritize remediation based on risk and business impact
  • Keep the reporter informed of progress where appropriate
  • Notify affected customers when customer impact is identified or customer action is required
3

Responsible Disclosure Guidelines

We request that researchers:

  • Act in good faith and avoid violating privacy, confidentiality, or service availability
  • Do not access, modify, or disclose customer data
  • Do not exploit vulnerabilities beyond what is necessary to demonstrate their existence
  • Allow HealthCompiler a reasonable period of time to investigate and remediate the issue before public disclosure
4

Safe Harbor

HealthCompiler supports responsible security research conducted in good faith. Activities performed in accordance with this policy and intended solely to identify and report security vulnerabilities will not be considered unauthorized activity.

Contact

For all security-related concerns, vulnerability reports, or security questions, please contact:

security@healthcompiler.com