Overview

Keeping your data secure, confidential, and readily accessible are our greatest priorities. Mindbody's industry-leading cybersecurity program is based on the concept of Defense in Depth: securing our organization and your data at every layer. Our cybersecurity program aligns with CIS CSC and the NIST Cybersecurity Framework, and Mindbody is HITRUST CSF and PCI DSS Level 1 service provider certified. While no system can guard against every potential threat, Mindbody's defensive line is advanced and monitored 24/7, 365 days a year by skilled, highly trained professionals.

Mindbody’s cybersecurity team, led by our Chief Information Security Officer (CISO), is responsible for the implementation and management of our cybersecurity program. The CISO is supported by the members of Mindbody’s cybersecurity team, who focus on security architecture, product security, security engineering and operations, detection and response, and information technology risk.

The focus of Mindbody’s cybersecurity program is to prevent unauthorized access to customer data. To this end, our team of dedicated cybersecurity practitioners, working in partnership with peers across the company, take specific steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.

View our Security Policy for more information.

Compliance

GDPR Logo
GDPR
HITRUST Logo
HITRUST
PCI DSS Logo
PCI DSS
SOC 1 Logo
SOC 1
13 Documents
Pentest Report
Security Prospectus
HITRUST
PCI DSS
SOC 1
SIG Core
Information Security Policy

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Critical DependenceYes
See more

Reports

Pentest Report
Security Prospectus

Self-Assessments

SIG Core

Data Security

Backups Enabled
Encryption-in-transit

App Security

Bug Bounty
Vulnerability & Patch Management
Web Application Firewall

Infrastructure

Anti-DDoS
Amazon Web Services
Infrastructure Security
See more

Network Security

Firewall

Corporate Security

Email Protection
Employee Training
Incident Response
See more

Policies

Information Security Policy