New Relic (NYSE: NEWR), the observability company, today announced that the New Relic One Platform hosted in Amazon Web Services (AWS) has earned Certified status for information security by HITRUST. HITRUST Risk-based, 2-year (r2) Certified status demonstrates that the organization’s New Relic One Platform hosted in Amazon Web Services (AWS) has met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places New Relic in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls. 

The certification follows the launch of New Relic’s industry-first HIPAA-compliant observability platform, making it the first and only in the industry to attain these achievements for its full platform. By earning the HITRUST Risk-based, 2-year (r2) Certified status, New Relic meets industry-defined regulations to secure patient Protected Health Information (PHI) when managing telemetry data. 

As healthcare and life sciences organizations accelerated their digital transformation journeys during the COVID pandemic, Observability became business critical for them to ensure world-class digital experiences for their patients, providers and partners. However, adopting best-in-breed Observability practices has been a challenge for engineering teams as most Observability solutions do not meet the required security and data protection regulations. The most difficult challenge has been around securing patient PHI. Today’s launch helps overcome this critical challenge by ensuring that all of the telemetry data collected in New Relic ―including metrics, events, logs and traces―is part of a HIPAA-compliant and HITRUST Risk-based, 2-year (r2) Certified solution.

“Our mission is to empower every engineer with observability. However, engineering teams in healthcare and life sciences organizations have traditionally not been able to widely adopt observability practices due to security and data protection regulations,” said Wendy Sheppard, SVP & GM, Telemetry Data Platform. “To address this opportunity, we launched the industry’s first HIPAA-compliant observability platform last year and are announcing the HITRUST Risk-based, 2-year (r2) Certification today. These milestones demonstrate our commitment to helping healthcare organizations deliver world-class experiences while keeping PHI secure.”

"Improving patient experiences and lowering prices in the pharmaceutical industry require tremendous cross-functional expertise and operational excellence from countless technology providers, and ensuring that our patient data is safeguarded is a critical part of that," said Selvam Velmurugan, chief technology officer at Blink Health. "With New Relic's observability platform, our engineering teams can confidently resolve incidents faster, while ensuring that sensitive, valuable patient data remains uncompromised―all a tremendous value to our organization.”

“The HITRUST Assurance Program is the most rigorous available, consisting of a multitude of quality assurance checks, both automated and manual,” said Bimal Sheth, Executive Vice President, Standards Development & Assurance Operations, HITRUST. “The fact that New Relic has achieved HITRUST Risk-based, 2-year Certification attests to the high quality of their information risk management and compliance program.”

New Relic’s HIPAA-compliant and HITRUST Risk-based, 2-year (r2) Certified solution is generally available for eligible New Relic customers with the company signing Business Associate Agreements (BAAs) to protect patient health information spanning cloud and on-premises environments. In addition to HIPAA compliance and HITRUST Risk-based, 2-year (r2) Certification, New Relic enables customer success with a strong regulatory posture in security, privacy and compliance, including SOC2, GDPR, and FedRAMP. For more information, visit newrelic.com or read our blog.

Forward-looking statements

This press release contains “forward-looking” statements, as that term is defined under the federal securities laws, including but not limited to statements regarding New Relic’s HIPAA-compliant observability platform, and expectations regarding opportunities for New Relic to serve healthcare and life science organizations, including any anticipated benefits, results and future opportunities related thereto. The achievement or success of the matters covered by such forward-looking statements are based on New Relic’s current assumptions, expectations, and beliefs and are subject to substantial risks, uncertainties, assumptions, and changes in circumstances that may cause New Relic’s actual results, performance, or achievements to differ materially from those expressed or implied in any forward-looking statement. Further information on factors that could affect New Relic’s financial and other results and the forward-looking statements in this press release is included in the filings New Relic makes with the SEC from time to time, including in New Relic’s most recent Form 10-K and Form 10-Q, particularly under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” Copies of these documents may be obtained by visiting New Relic’s Investor Relations website at http://ir.newrelic.com or the SEC's website at www.sec.gov. New Relic assumes no obligation and does not intend to update these forward-looking statements, except as required by law.