Company achieves advanced security certifications demonstrating ongoing commitment to security and compliance
Conshohocken, PA – August 25, 2020 – InfoMC, a leading provider of cloud-based healthcare management and care coordination software, today announced the successful completion of their 2020 System and Organizational Controls (SOC) 1® Type 2 and SOC 2® Type 2 examinations, as well as their HITRUST® interim assessment and MARS-E compliance assessment. These achievements reflect their long-standing commitment to privacy, security, and risk management, while giving them a competitive edge in the healthcare technology industry.
“InfoMC continues to maintain a critical focus on security in our technology roadmap,” explained Jeffrey Branagh, Chief Technology Officer for InfoMC.
InfoMC’s SOC 1 Type 2 examination focused on their internal controls over financial reporting, assessed over a period of time. For their SOC 2 Type 2 examination, InfoMC was audited against the AICPA Trust Services Criteria for Security, Availability, and Confidentiality, providing assurance regarding the effectiveness of the company’s controls over a period of time. Their HITRUST interim assessment allowed them to maintain their active HITRUST CSF Certification, while their MARS-E compliance assessment confirmed that their Cloud Healthcare Management Services system meets the data security requirements of the Affordable Care Act.
“Industry-standard compliance initiatives have been a top priority for InfoMC, but MARS-E elevates our compliance protocols to a unique level. Our customers manage highly sensitive patient data on our platform, and ensuring the protection of that data is paramount,” noted Branagh.
MARS-E compliance is required for federal and state Health Insurance Exchanges under the Affordable Care Act, as well as their contractors and sub-contractors. By meeting these regulations, InfoMC can provide their solutions to federal and state health insurers, state Medicaid agencies, and other ACA administering entities, giving them a unique advantage over competitors who are not MARS-E compliant.
The efforts were completed by the professional and independent third-party audit firm, 360 Advanced, Inc. By integrating each of the initiatives into a single initiative, InfoMC and 360 Advanced were able to streamline the compliance process across the organization gaining a more thorough view of their security posture.
“Working with 360 Advanced has been an absolute pleasure,” commented Branagh. “They are easy to work with and very responsive to questions and requests. We plan to have a long working relationship with 360 Advanced for annual compliance.”
InfoMC is a healthcare technology company delivering a person-centered, collaborative care platform to health plans, payers and provider organizations. Our cloud-based solution, Incedo, provides an integrated care management platform that enhances interaction between payer, patient and provider to promote quality, efficient and effective care with actively engaged patients. Our person-centered, “whole-person care” approach addresses the behavioral, physical and social drivers that impact a member’s health. Incedo is a robust “learning system” through which our customers can measure what works best and continuously reinvent the next generation of their offerings. To learn more about InfoMC, visit www.infomc.com.