Compliance Advisor

MedStack's support team is armed with compliance experts. Level up your organization’s compliance knowledge from day 1 and operate with confidence without the expense of an in-house compliance team. Your team will have access to a dedicated MedStack Compliance Advisor who can help answer all of your compliance questions and ensure that you are set up for ongoing success.

Included

• Accepting an invitation to join an Exos organization when explicit consent is given
• Advise on the mappings performed by customers between HIPAA clauses, policies, and procedures
• Will perform a gap analysis on the customer’s mapping to HIPAA compliance. The outcome of this work will be a statement informing: “Yes/No, your policies and procedures are/not HIPAA compliant.”
• Clarity on advising what can be documented as an asset and software inventory
• Providing compliance reports to auditors

Excluded

• Providing product support on how-to use the product
• Authoring policies and procedures
• Uploading Evidence to an Exos organization
• Accepting an invitation to join an Exos organization without explicit consent (it is a compliance violation for us to have access to an organization’s evidence without consent)
• Perform mapping between customer policies and procedures to HIPAA clauses (i.e., MedStack will require that the customer attempt to make some relationship between these entities first)
• Validating evidence
• Performing some tasks that a consultant would do:
  • Reviewing policies for using proper legal language
  • Reviewing policies for completeness as it relates to their business
• Anything else that has not been mentioned in the “Included” list above (i.e., if it’s not listed in the “included” list above, it is out of bounds until it’s to be discussed at a later time)