NRC Health Receives 2025 CSO Award for Leadership in Cybersecurity and Healthcare Data Protection
NRC Health is proud to announce we have been named a 2025 CSO Award winner, joining an elite group of organizations recognized for excellence in cybersecurity, information risk management, and strategic innovation. Presented annually by CSO, a leading authority on enterprise security, the CSO Awards celebrate organizations and leaders who are driving transformative change across their industries through forward-thinking security strategies.
In an age when the security landscape is shifting rapidly—with AI-powered threats, growing data complexity, and increasing expectations from consumers and partners alike—this award is a meaningful testament to NRC Health’s commitment to data protection, patient trust, and digital leadership in healthcare.
Strengthening Trust in a Digital World
Trust has always been the foundation of healthcare. Patients need to know their information is safe. Providers need reliable systems to deliver care efficiently. And partners need confidence that the platforms they use are built with security at the core.
At NRC Health, we believe trust is at the core of Human Understanding, and trust begins with safeguarding the data that powers healthcare decisions and connections. That’s why cybersecurity is not an isolated function—it’s a company-wide priority.
Receiving the 2025 CSO Award is both an honor and a reflection of the tireless work our teams do every day to stay ahead of emerging threats, deliver secure innovation, and build lasting trust with healthcare organizations and their communities.
Why the CSO Award Matters
The CSO Awards are among the most prestigious recognitions in the field of cybersecurity. Each year, organizations are evaluated not just on the strength of their security posture, but on the impact and value their initiatives bring to their stakeholders. Winners are chosen for demonstrating leadership, operational excellence, and meaningful innovation in the face of evolving risks.
Beth Kormanik, Content Director of the CSO Conference & Awards, noted:
“The scope and complexity of cybersecurity responsibilities are expanding rapidly—especially in the face of emerging AI-driven threats. This year’s CSO Award winners exemplify how today’s security leaders are meeting these challenges head-on.”
For NRC Health, this recognition validates a strategic, multi-layered approach to protecting healthcare data across all touchpoints—from patient-feedback platforms to employee engagement solutions to AI-powered analytics tools.
Security Is a Team Sport
One of the guiding principles at NRC Health is that security is everyone’s responsibility. From senior executives to frontline developers, from data scientists to implementation teams, the entire organization plays a role in building and maintaining a secure environment.
“Implementing the right security controls is an organization-wide effort that starts at the top and is executed through strong collaboration between security and IT teams,” said Jen Spencer, VP Privacy Compliance at NRC Health.
“Our AI Security certification demonstrates our commitment to safeguarding data, reinforcing trust with our customers and partners.”
This cross-functional mindset has been essential to NRC Health’s cybersecurity success. It ensures that teams are aligned not only on compliance and best practices, but also on shared values: transparency, accountability, and a relentless focus on doing what’s right for patients and healthcare professionals.
AI Security: Advancing Innovation Responsibly
As artificial intelligence becomes increasingly central to healthcare operations, NRC Health has taken a leadership role in ensuring that AI tools are developed and deployed responsibly. The company is an early adopter of HITRUST’s AI Security certification, a rigorous and emerging assessment that validates an organization’s ability to safely manage data used in machine learning and predictive analytics.
NRC Health’s Huey is healthcare’s first large language model (LLM) trained exclusively on data that matters to healthcare organizations. NRC Health ingests the data, enriches it with internal knowledge bases, and tunes it just for use in each unique organization. The data stays secure, private, and is never used to train global models.
AI offers exciting possibilities—automating workflows, improving clinical outcomes, and delivering more personalized patient experiences. But it also introduces new risks: from data privacy concerns to potential bias in algorithms.
With its certification, NRC Health has demonstrated that it has implemented robust governance frameworks for AI, including:
- Strict access controls and encryption protocols
- Bias detection and mitigation strategies
- Transparent model training and documentation
- Ongoing monitoring and auditability
This proactive approach ensures that AI is not only innovative, but also ethical, secure, and aligned with the values of healthcare organizations and the communities they serve.
Healthcare Cybersecurity: The Stakes Are Higher
Cybersecurity has always been important, but in healthcare, it’s mission critical.
Healthcare data breaches are among the most costly and damaging of any industry. In recent years, health systems have faced growing threats from ransomware attacks, phishing campaigns, insider threats, and third-party vulnerabilities. The move toward digital health, while transformative, has also expanded the potential attack surface.
A single breach can lead to devastating outcomes: compromised patient safety, regulatory penalties, reputational damage, and financial loss. More than that, it erodes the trust that providers work so hard to earn.
By investing heavily in prevention, detection, and response capabilities, NRC Health ensures that its partners can continue to innovate and grow without compromising security.
What This Means for Healthcare Organizations
NRC Health partners with hundreds of hospitals and health systems across the country to elevate patient experience, build workforce engagement, and drive system-wide transformation. Each of these partnerships depends on trust.
Being recognized as a 2025 CSO Award winner signals to healthcare executives and technology leaders that NRC Health’s platforms are built with security at their core. It reassures them that data—from patient surveys to staff feedback—is being protected with the highest level of care.
And it reinforces NRC Health’s broader commitment: to be a trusted steward of healthcare data, delivering insights that empower human-centered care without compromising privacy or security.
Celebrating the Team Behind the Work
Cybersecurity is often invisible to the end user, and that’s by design. When systems are secure and reliable, patients and providers can focus on what really matters: care, connection, and healing.
This award is a recognition of the behind-the-scenes expertise of NRC Health’s security, IT, compliance, engineering, and product teams. These individuals bring deep knowledge, creativity, and integrity to every initiative, from implementing new authentication protocols to responding swiftly to global threats.
As NRC Health continues to grow, these teams will remain central to our success, guiding our company with diligence, foresight, and an unwavering dedication to trust.
Trust Is the Future of Healthcare
At NRC Health, we believe that every healthcare experience begins with a foundation of trust—and that foundation depends on strong, secure systems. Winning the 2025 CSO Award is a powerful affirmation of our mission and the values we share with our partners.
As we look to the future, we remain focused on delivering the tools, insights, and technologies that make healthcare more human, while never compromising the security of the people and data that power it.