The Health Insurance Portability and Accountability Act (HIPAA) is a federal law in the United States of America (US) that defined national standards to protect sensitive patient health information (PHI) from being disclosed without the patient’s consent or knowledge.

HIPAA is an authority document composed of mandates that delegate how companies who handle PHI belonging to residents in the US must protect this data.

How does Exos help you with HIPAA compliance?

When you run a digital health application on MedStack Control and use Exos to manage your compliance program, your company will inherit a large portion of HIPAA controls. This means that your company needs to implement only a fraction of HIPAA controls to claim compliance with the HIPAA authority document.

• Exos is a platform that allows you to manage and administer your compliance program by satisfying HIPAA controls in the form of policy attestations, procedures, and tasks that govern a company's operation.
• Organizations in Exos are pre-loaded with HIPAA clauses that allow policies to be mapped to HIPAA controls.
• Organizations that run on MedStack Control and Exos receive pre-defined policies and procedures that address a large portion of administration that would otherwise need to be done when establishing a HIPAA compliant compliance program.

Organizations running on Exos have access to Compliance Advisor who helps perform a gap analysis on your policies and procedures to identify areas where you may be non-compliant.