HIPAA Compliance
MDX Vision is fully committed to protecting the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA).
Business Associate Agreements
We execute Business Associate Agreements (BAAs) with all covered entities before handling any PHI. Our BAAs clearly define responsibilities, permitted uses, and breach notification procedures.
Technical Safeguards
- 256-bit AES encryption for data at rest and in transit
- Multi-factor authentication for all users
- Role-based access controls
- Automatic session timeouts
- Comprehensive audit logging
- Secure API endpoints with OAuth 2.0
Physical Safeguards
- SOC 2 Type II certified data centers
- 24/7 physical security monitoring
- Biometric access controls
- Environmental controls and redundancy
- Secure disposal of hardware
Administrative Safeguards
- Designated Privacy and Security Officers
- Regular workforce training on HIPAA requirements
- Documented policies and procedures
- Annual risk assessments
- Incident response and breach notification procedures
- Vendor management and oversight
Certifications & Audits
- Annual third-party HIPAA audits
- SOC 2 Type II certification
- HITRUST CSF certification
- Regular penetration testing
Contact Our Compliance Team
For HIPAA-related inquiries or to request a BAA:
Email: compliance@mdx.vision
Phone: 1-800-MDX-HIPAA