Exos support model. Get help when you need it.

1Self-ServiceExos documents are a key resource (you are here reading them)
MedStack’s policies
MedStack’s YouTube page
MedStack’s Resources page
2Support TicketIf you did not find the answer to your query in the self-service
option, please submit a ticket through Zendesk under Exos Administrative Compliance Support.
3Assigned CSMEmail your dedicated Customer Service Manager.
4Meeting/CallWe are always available to you should you require a more in-depth call to discuss business related or technical needs.

Please note: We do not consult in the process of authoring and publishing procedures.

Compliance Advisor

MedStack's support team is armed with compliance experts. Level up your organization’s compliance knowledge from day 1 and operate with confidence without the expense of an in-house compliance team. Your team will have access to a dedicated MedStack Compliance Advisor who can help answer all of your compliance questions and ensure that you are set up for ongoing success.


  • Accepting an invitation to join an Exos organization when explicit consent is given
  • Advise on the mappings performed by customers between HIPAA clauses, policies, and procedures
  • Will perform a gap analysis on the customer’s mapping to HIPAA compliance. The outcome of this work will be a statement informing: “Yes/No, your policies and procedures are/not HIPAA compliant.”
  • Clarity on advising what can be documented as an asset and software inventory
  • Providing compliance reports to auditors


  • Providing product support on how-to use the product
  • Authoring policies and procedures
  • Uploading Evidence to an Exos organization
  • Accepting an invitation to join an Exos organization without explicit consent (it is a compliance violation for us to have access to an organization’s evidence without consent)
  • Perform mapping between customer policies and procedures to HIPAA clauses (i.e., MedStack will require that the customer attempt to make some relationship between these entities first)
  • Validating evidence
  • Performing some tasks that a consultant would do:
    • Reviewing policies for using proper legal language
    • Reviewing policies for completeness as it relates to their business
  • Anything else that has not been mentioned in the “Included” list above (i.e., if it’s not listed in the “included” list above, it is out of bounds until it’s to be discussed at a later time)