Cradle CMS gets an overall rating of A+ from Qualys SSL labs tests. This means that the projects running on a Cradle CMS installation gets this rating as well.
To be HIPAA compliant, etc., you must use Federal Information Processing Standards (FIPS) compliant crypto. FIPS is a U.S. government computer security standard rule set that cryptography in products must adhere to. We compile our code with a cryptographic method that uses a FIPS 140-2 certified crypto library.