Security
At MSCRIBED, ensuring the security of your information is our topmost priority. Here’s how MSCRIBED handles security:
A. Encryption: Where applicable, we use encryption protocols to secure the transmission of data between your device and our servers.
B. Data Protection Measures: We implement multi-layer various measures to safeguard your personal information from unauthorized access, disclosure, alteration, or destruction.
C. Access Controls: Access to your personal data is restricted to authorized personnel only with an additional multi-layer monitoring. We regularly review access permissions to ensure they are appropriate.
D. Regular Security Audits: We conduct regular security audits and assessments to identify and address any potential vulnerabilities in our systems.
E. Employee Training: Our employees undergo training on data security practices to ensure they understand their responsibilities in protecting your information.
For any security-related concerns or questions regarding our practices, please contact us at privacy@mscribed.org. During onboarding we provide more details about our security protocols and the process how we are achieving it.
To ensure HIPAA, HITECH, PHI and GDPR laws compliance MSCRIBED LLC Systems have all the following certifications
MSCRIBED LLC systems have the HIPAA compliance certification that ensures complete HIPAA/HITECH compliance according to the state and federal law.
HITRUST certification for MSCRIBED LLC systems proves our dedication to protecting customer data, adhering to federal and state security and data protection regulations. This prestigious certification was achieved through an audit of MSCRIBED LLC’s Operational systems and US and India data centers by an Authorized External Assessor. It confirms that our risk management utilizes a comprehensive and adaptable framework of specific and scalable security controls.
SOC 2
The AICPA developed SOC2 as a replacement for the widely used SAS/70 standard. It allows service providers to demonstrate they maintain appropriate controls across five key areas: Security, Privacy, Availability, Confidentiality, and Integrity.
SOC 1 Type II Certification
A SOC report, produced by an AICPA-accredited Certified Public Accountant (CPA), is an audited assessment of a data system’s security controls, verifying their effectiveness. MSCRIBED LLC systems SOC 1 Type II certification enabling clients to building trust and confidence in our operations.
ISO 9001
ISO 9001 is the world’s most recognized Quality Management System (QMS) and a valuable tool for business improvement. This international standard uses a process and risk-based approach, allowing MSCRIBED to identify potential deviations in its processes and QMS, implement preventative controls to mitigate negative impacts, and capitalize on opportunities.
ISO 27001
ISO 27001 is a global security standard that ensures a security program is implemented with effective, working processes, rather than just a policy document. It guarantees that MSCRIBED not only has a robust security program, but also actively maintains and improves it throughout the year.
ISO 27018
ISO 27018, specifically for protecting personal data in the cloud, is crucial for MSCRIBED systems. It ensures the confidentiality, integrity, and availability of sensitive patient information processed within the platform. This certification demonstrates MSCRIBED’s commitment to data privacy and security, building trust with healthcare providers and patients.
ISO 27017
ISO 27017, a cloud security standard, is crucial for MSCRIBED systems as it provides specific controls for protecting cloud-based information. It enhances the baseline security of ISO 27001 by addressing cloud-specific threats and vulnerabilities, ensuring data confidentiality, integrity, and availability within the MSCRIBED cloud environment. This certification demonstrates MSCRIBED’s commitment to robust cloud security practices, building trust with clients who rely on their cloud-based systems.