Medac Successfully Achieves SOC 2 Type 2 and HIPAA Compliance

Share Article

Medac, a leading Medical Business Management provider dedicated to the revenue cycle management functions associated with the delivery of anesthesia services, announced today that the organization has successfully completed its System and Organization Controls (SOC) 2, Type 2 examination. Medac also announced the successful completion of their 2019 HIPAA assessment, citing all efforts were completed by a professional and independent third-party audit firm, 360 Advanced, Inc.

Medac Logo

Medac Logo

“We continuously educate and re-educate our workforce, implement and refine policies and procedures with security in mind, and invest in technologies that harden our infrastructure to ensure sensitive information is protected.” - Chief Information Security Officer at Medac

Medac, a leading Medical Business Management provider dedicated to the revenue cycle management functions associated with the delivery of anesthesia services, announced today that the organization has successfully completed its System and Organization Controls (SOC) 2, Type 2 examination. Medac also announced the successful completion of their 2019 HIPAA assessment, citing all efforts were completed by a professional and independent third-party audit firm, 360 Advanced, Inc.

Completion of the SOC 2 Type 2 examination is widely recognized for demonstrating an organization’s commitment to the AICPA Trust Services Criteria, including: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

Companies that undergo annual SOC 2 examinations are able to demonstrate a substantially higher level of assurance and operationally visibility than those companies who do not, offering Medac an edge over competitors.

“At Medac, security is paramount and is built into every process and procedure. We continue to focus our teams on providing meaningful and robust compliance and security solutions for our customers.” says Bellinger Moody, President at Medac, “We are proud that our diligence has brought about another successful SOC examination.”

Furthermore, Bryan Hemerka, Chief Information Security Officer at Medac stated, “We understand that compliance and security are best implemented through people, processes, and technologies."

"We continuously educate and re-educate our workforce, implement and refine policies and procedures with security in mind, and invest in technologies that harden our infrastructure to ensure sensitive information is protected.”

The Health Insurance Portability and Accountability Act, or HIPAA, defines policies and procedures required of companies that store, process, or handle electronic protected health information (ePHI).

The HIPAA Security Rule is a United States federal regulatory requirement specifying a series of administrative, physical, and technical safeguards for assuring the confidentiality, integrity, and availability of certain healthcare data. HIPAA compliance has become increasingly mandatory to managed service providers providing services to organizations that store healthcare data.

Medac has maintained compliance initiatives regularly since 2015.

About Medac
A privately held corporation, Medac is one of the nation's largest, independently owned, anesthesia revenue cycle management companies, dedicated exclusively to anesthesia and pain management. Medac's revenue cycle management services are designed to assist clients with the business management functions associated with the delivery of anesthesia services - in particular, the billing and collection functions - thereby permitting providers and facilities to focus on providing quality medical services to their patients. Medac's quality, results-oriented commitment to clients provides the most comprehensive and personalized service possible while optimizing reimbursement. For additional information, visit https://medac.com.

For Medac inquiries, please contact:
Bellinger Moody
bmoody(at)medac.com

About 360 Advanced
360 Advanced is a national Cybersecurity Compliance Audit firm based in St. Petersburg, Florida. Services provided include Penetration Testing, GDPR, SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, ISO 27001, PCI-DSS, HIPAA/HITECH, HITRUST CSF, Microsoft Vendor Policy, and more. In certain states, 360 Advanced may operate under the name of Hiestand, Brand, Loughran, P.A. to meet AICPA requirements. To learn more about 360 Advanced, visit http://www.360advanced.com.

Media Contact:
Jordanne LePre
jlepre(at)360advanced.com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Bellinger Moody
Medac
800-883-8003
Email >
Visit website