loader
banner

Security & Compliance

SOC 2 Certification

SOC, which stands for System and Organizational Controls, is a framework developed by the American Institute of Certified Public Accountants for the purpose of providing regular, independent attestation of the controls that a company has implemented to mitigate information-related risk. Passing the SOC audit means a company’s data management policies, procedures, and systems have been independently audited and approved. A client engaging AdminisTEP, which is SOC certified, can have full confidence that its information is safe.

img
img

Compliance Committee

MDiQ’s Compliance Committee has general responsibility for overseeing implementation of compliance, ethics, and security programs, policies, and procedures that are designed to mitigate compliance and regulatory risks.

Security Safeguards

MDiQ is an industry leader in HIPAA compliance and security. All access controls and security are enforced by a dedicated security officer whose primary responsibility is to ensure HIPAA security compliance and infrastructure security. MDiQ is committed to ensuring that its products and services meet or exceed legal obligations with respect to the use, disclosure, storage and destruction of Protected Health Information (“PHI”) as governed by HIPAA (Health Insurance Portability and Accountability Act).

Administrative Safeguard

MDiQ employs administrative safeguards that include security management processes, an assigned security officer, workforce security, access management, awareness & training, incident procedures, contingency plan, non-disclosure and business associate contracts, policies & procedures, and applicable documentation.

Physical Safeguard

MDiQ employs multiple layer physical safeguards that include facility access controls, desktop use, desktop security, card swipe, facial recognition, palm biometrics, and other device & media controls.

Technical Safeguard

MDiQ technical safeguards include access controls, audit controls, data integrity, entity authentication, policy-based firewall, virus scanning, email filtering and transmission security.
img

Business Continuity

MDiQ employs an event management system that measures the health and performance, and thresholds of all critical variables in the MDiQ environment. This provides a proactive approach whereby indicators are measured on an interval basis for a real-time, non-intrusive health check, which allows MDiQ to identify a problem before it becomes a problem so the proper evasive action and/or replacement can be scheduled. The following outlines the Business Continuity Tools:

  • Event Management
  • Performance Management
  • Threshold Management
  • Outage Management
  • Security Management
  • Change Control Management
  • Ticket Tracker
  • Policy & Procedures

MDiQ has in place state of the art co-location facilities that provide the infrastructure for application hosting, data warehouse hosting, and e-business applications hosting.  Our co-location facilities sit on the backbone of all major carriers in the Metroplex and are powered by redundant power sources and generators, off-site storage, online SAN storage, and that employs bio-metrics security for access.

Regulatory Compliance

Using AdminisTEP’s SaaS model, you can ensure compliance as regulations change. From compliance with transaction standards to meeting regulatory requirements, AdminisTEP helps you avoid hassles and potential financial penalties. AdminisTEP’s capabilities include:

  • Conversion of non-standard formats (XML, flat file, etc.) into standard X12 formats
  • Division of Financial Responsibility (DOFR) — electronic storage and retrieval (California)
  • Electronic management and medical records and correspondence to comply with regulatory deadlines
  • Transaction translation for 4010 to 5010, and payer companion guides
  • Electronic management of appeals, grievances, and responses to comply with regulatory deadlines
  • HIPAA transaction/code sets and security infrastructure
  • Fraud detection business rules
Skip to content