Security & Compliance
SOC 2 Certification
SOC, which stands for System and Organizational Controls, is a framework developed by the American Institute of Certified Public Accountants for the purpose of providing regular, independent attestation of the controls that a company has implemented to mitigate information-related risk. Passing the SOC audit means a company’s data management policies, procedures, and systems have been independently audited and approved. A client engaging AdminisTEP, which is SOC certified, can have full confidence that its information is safe.
MDiQ’s Compliance Committee has general responsibility for overseeing implementation of compliance, ethics, and security programs, policies, and procedures that are designed to mitigate compliance and regulatory risks.
MDiQ is an industry leader in HIPAA compliance and security. All access controls and security are enforced by a dedicated security officer whose primary responsibility is to ensure HIPAA security compliance and infrastructure security. MDiQ is committed to ensuring that its products and services meet or exceed legal obligations with respect to the use, disclosure, storage and destruction of Protected Health Information (“PHI”) as governed by HIPAA (Health Insurance Portability and Accountability Act).
MDiQ employs an event management system that measures the health, performance, and thresholds of all critical variables in the MDiQ environment. This provides a proactive approach whereby indicators are measured on an interval basis for a real-time, non-intrusive health check, which allows MDiQ to identify an issue before it becomes a problem so the proper evasive action and/or replacement can be scheduled. The following outlines the Business Continuity Tools:
- Event Management
- Performance Management
- Threshold Management
- Outage Management
- Security Management
- Change Control Management
- Ticket Tracker
- Policy & Procedures
MDiQ has in place state-of-the-art co-location facilities that provide the infrastructure for application hosting, data warehouse hosting, and e-business applications hosting. Our co-location facilities sit on the backbone of all major carriers in the Metroplex, are powered by redundant power sources and generators, provide off-site storage and online SAN storage, and employ biometric security for access.
Using AdminisTEP’s SaaS model, you can ensure compliance as regulations change. From compliance with transaction standards to meeting regulatory requirements, AdminisTEP helps you avoid hassles and potential financial penalties. AdminisTEP’s capabilities include:
- Conversion of non-standard formats (XML, flat file, etc.) into standard X12 formats
- Division of Financial Responsibility (DOFR) — electronic storage and retrieval (California)
- Electronic management of medical records and correspondence to comply with regulatory deadlines
- Transaction translation for 4010 to 5010, and payer companion guides
- Electronic management of appeals, grievances, and responses to comply with regulatory deadlines
- HIPAA transaction/code sets and security infrastructure
- Fraud detection business rules