
Security, Regulatory & Compliance
Rock-solid security. FDA Class I. Built for compliance.
Sirona is the only FDA Class I reporter platform in radiology — any platform that analyzes medical images is a regulated medical device, and Sirona is built to that standard. SOC 2 Type II certified for six consecutive years with zero exceptions, and HIPAA-compliant by design. The master reference for every security, regulatory, and compliance capability across the platform.
How Sirona is Different
The only FDA Class I reporter platform in radiology
Analyzing medical images makes a product a regulated medical device — you cannot power a pixel-driven radiology reporting workflow without FDA designation. Sirona holds FDA Class I designation for its reporter platform, developed under a regulated, design-controlled SDLC. No other reporting platform in radiology carries that regulatory oversight.
The complete security & compliance stack
Every certification, control, and safeguard behind Sirona's security posture.
FDA Class I Reporter Platform
Sirona is the only FDA Class I reporter platform in radiology. Analyzing medical images classifies a product as a regulated medical device; Sirona is built and documented to that standard under a design-controlled SDLC.
SOC 2 Type II
Six consecutive years of SOC 2 Type II certification with zero exceptions, validating security, availability, processing integrity, confidentiality, and privacy across all systems.
HIPAA Compliance
End-to-end HIPAA compliance with encryption, audit logging, access controls, and patient authentication. Built to protect PHI in every clinical context.
Security Testing
Routine third-party security testing, vulnerability management, incident response, and continuous security monitoring.
Encryption Standards
AES-256 encryption at rest, TLS 1.3+ in transit. All data classified and encrypted end-to-end. Zero exposure to unencrypted patient data.
International Expansion
International expansion in progress for 2027 — pursuing EU MDR certification and ISO 13485 medical device standards as the foundational pathway for our international deployment across the UK, EU, South Africa, and UAE.
Built for how radiologists actually work
Regulatory posture, security architecture, and compliance framework — engineered to pass the toughest scrutiny year after year.
Regulatory Posture
FDA Class I — the only reporter platform in radiology
Analyzing medical images makes a product a regulated medical device. Sirona holds FDA Class I designation for its reporter platform and develops under a regulated, design-controlled SDLC — rigorous clinical validation, documented safety, and ongoing compliance that competitors cannot claim.
FDA Class I designation for the reporter platform
Regulated, design-controlled software lifecycle
Rigorous clinical validation and documented safety
Quality system spanning development and deployment
Security Architecture
Security built into every layer
Encryption by default (AES-256 at rest, TLS 1.3+ in transit), comprehensive audit logging for every data access event, role-based access controls, and routine security testing. Monitoring and incident response are continuous, not reactive.
AES-256 at rest, TLS 1.3+ in transit
Audit logging for every data access event
Role-based access controls across all systems
Continuous monitoring and incident response
Compliance Framework
Audited annually. Zero exceptions.
SOC 2 Type II audited for six consecutive years with zero exceptions. HIPAA controls validated across all systems. EU MDR and ISO 13485 in progress for international markets in 2027. Architected to pass the toughest regulatory scrutiny — and prove it every year.
SOC 2 Type II — 6 years, zero exceptions
HIPAA validated across all systems
EU MDR and ISO 13485 in progress for 2027
Independent third-party audit firms
International Expansion
International expansion in progress, 2027
Country-specific security posture for EU (GDPR), UK (DPA), and APAC local residency requirements. Sirona Global architecture is designed to enable regional compliance without re-platforming — the same unified system, deployed to meet local law, as international expansion rolls out in 2027.
EU GDPR-aligned data handling and residency
UK Data Protection Act compliance posture
APAC local residency via Sirona Global architecture
EU MDR + ISO 13485 pathway for medical device access
A security posture you can prove
6
consecutive years of SOC 2 Type II
Zero exceptions
AES-256
encryption at rest, TLS 1.3+ in transit
Encrypted end-to-end
FDA Class I
reporter platform designation
The only one in radiology
HIPAA
compliant by design
PHI protected end-to-end
Built for security and compliance leaders
The RadOS architecture fireside — how Sirona is built.
FAQs
What does SOC 2 Type II certification mean?
Is Sirona FDA-regulated?
What encryption does Sirona use?
How does Sirona handle HIPAA compliance?
What is the security testing process?
What regulatory certifications is Sirona pursuing for international markets?