Skip to Main Content

GoHealth Prioritizes Information Security to Retain ISO 27001 Certification

By Lauren Mandel

For the third year in a row, GoHealth is excited to announce that it has obtained ISO 27001 certification for its superior information security management system. ISO 27001 is a globally-recognized certification that verifies an organization’s commitment to the protection of assets and information governance.  The certification was performed by Schellman, an Accredited Certification Body based in the United States.

This externally-audited certification analyzes the business and demonstrates how the implementation of data security management processes helps keep information secure. As part of the recertification, GoHealth has recommitted to a continual program of review, validation, and improvement.

“GoHealth is committed to keeping our customers’ data and information safe and secure,” said Shane Cruz, Chief Technology Officer of GoHealth. “We’re proud to have achieved ISO 27001 for the third year in a row, and we will continue to prioritize information security for years to come.” 

Since GoHealth was founded in 2001, the company has prioritized information security and data protection within the architecture and governance of its platform, as well as throughout its business and support methodologies. Achieving ISO 27001 certification helps demonstrate the rigorous security measures taken to protect the information assets of all GoHealth customers.

About ISO/IEC 27001

ISO is an independent, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges.

The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards helps organizations manage the security of financial information, intellectual property, employee details and information entrusted to them by third parties.  ISO/IEC 27001:2013 provides requirements for an information security management system, which is a systematic approach to managing sensitive information so that it remains secure, and covers people and processes as well as IT systems and applications.

About GoHealth, Inc.

GoHealth is a leading health insurance marketplace and Medicare-focused digital health company. Enrolling in a health insurance plan can be confusing for customers, and the seemingly small differences between plans can lead to significant out-of-pocket costs or lack of access to critical medicines and even providers. GoHealth combines cutting-edge technology, data science and deep industry expertise to build trusted relationships with consumers and match them with the healthcare policy and carrier that is right for them. Since its inception, GoHealth has enrolled millions of people in Medicare plans and individual and family plans. For more information, visit

Media Resources

Media Inquiries

Email our media relations team.

News Releases

The latest from GoHealth.
Read all news releases >