Butterfly Network Inc. develops, manufactures, and commercializes ultrasound imaging solutions with a mission to democratize healthcare around the globe.

Butterfly shows their dedication to international security by partnering with A-LIGN to achieve ISO/IEC 27001, C5, StateRAMP, and NHS DSPT England Security compliance.    

The challenge

With the appointment of a new Chief Information Security Officer Mike Tiemeyer, a seasoned technology executive, Butterfly revamped its Information Security program and took on the challenge of simultaneously completing planning and readying four assessments slated for 2025.

“A-LIGN’s people have been tremendous. We have great relationships with them. I feel like it’s a true partnership. I don’t feel like I’m chasing people down for answers because they are so proactive.”
-Mike Tiemeyer, CISO

This tall task to strengthen Butterfly’s security posture involved pulling together all elements into a coherent plan that could be executed on time so the company could provide assurance to their global clients that their data was in good hands.

This initiative, a first for Butterfly, leveraged the team’s internal security expertise and resources, but also required an auditor capable of conducting multiple audits within the same cycle.

Why A-LIGN

CISO Mike Tiemeyer initially chose A-LIGN as his previous company’s audit provider based on numerous recommendations from professionals in his network.

With his prior experience handling multiple frameworks to support a diverse compliance portfolio, Mike knew A-LIGN would be the perfect partner to help revitalize Butterfly’s Information Security program by managing their upcoming assessment needs.

In a short time, Butterfly has built a strong and collaborative relationship with A-LIGN, thanks to Mike’s long-standing association with the firm.

The Butterfly Security team finds the experience with A-LIGN to be vastly different from past experiences with other auditors in the cybersecurity certification space, which were marked by ambiguity and reactive practices.

“We don’t want to be in a constant state of audit. Having an assessment firm like A-LIGN, which has conducted an independent assessment across hundreds of requirements and artifacts to obtain multiple high-quality audit reports, is truly a badge of honor.”
-Mike Tiemeyer, CISO

Butterfly values A-LIGN’s people, from the audit team to the account team, considering them the firm’s greatest asset. During the engagement process, A-LIGN demonstrated clear communication and thorough planning, which contributed to the success of their collaboration.

Butterfly views the partnership as more than just transactional, aiming to improve their security practices and push A-LIGN to conduct the best and most thorough audits possible, resulting in high-quality audit reports they can be proud of.

The team also finds great value in the efficiency driven by A-LIGN’s A-SCEND platform, which allows them to save valuable time and resources by uploading evidence across multiple frameworks.

“I sleep better night knowing that we have A-LIGN as our partner. They’re always there making sure that we’re moving forward and pushing us as much as we’re pushing ourselves to ensure that we get done in time.”
-Mike Tiemeyer, CISO

The Butterfly team emphasizes the importance of aligning assessments into a singular audit cycle, a white-glove approach that A-LIGN calls audit harmonization.

With this new consolidated audit approach, the Butterfly team anticipates saving time, money, and resources as they successfully complete their four planned assessments. Butterfly looks forward to a bright future with a continuously expanding compliance program, supported by the expertise and efficiency of working with A-LIGN.

About Butterfly Network

Butterfly Network, Inc. is an innovative digital health company transforming care through a unique combination of portable, semiconductor-based ultrasound technology, software, services and educational offerings that can make medical imaging more accessible than ever before. Butterfly’s solution enables the practical application of ultrasound information into the clinical workflow through affordable hardware that fits in a healthcare professional’s pocket and is paired with cloud-connected software that’s easily accessed through a mobile application.

Butterfly created the world’s first handheld single-probe, whole-body ultrasound system using semiconductor technology, Butterfly iQ. The company has continued to innovate, leveraging the benefits of Moore’s Law, to launch its second-generation Butterfly iQ+ in 2020, and third generation iQ3 in 2024 – each with increased processing power and performance enhancements. The disruptive technology has been recognized by TIME’s Best Inventions, Fast Company’s World Changing Ideas, CNBC Disruptor 50, and MedTech Breakthrough Awards, among other accolades.

The Company is also helping streamline and optimize deployment of ultrasound at scale across hospital systems with its Compass™ software that integrates into health system infrastructures and connects across all departments and specialties. With this comprehensive portable ultrasound solution, protected by a robust intellectual property portfolio, Butterfly is on a mission to democratize healthcare by increasing access and use of ultrasound information wherever care is being delivered – whether a large healthcare system, a rural clinic, a global conflict zone or beyond.