My Medical Records Logo

Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to the My Medical Records Trust Center. Here, you'll find a comprehensive overview of our commitment to safeguarding your information and maintaining your trust. My Medical Records operates as a business associate, handling protected health information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and its amendments. This Trust Center is designed to provide transparency into our security and privacy practices, demonstrating how we protect the sensitive data entrusted to us.

Our trust posture is built upon a foundation of robust policies and operational practices. We prioritize the protection of customer data throughout its lifecycle, from creation and storage to interoperability and eventual deletion. Key themes you'll discover include our dedication to data protection, adherence to industry standards, and proactive operational measures.

We implement strong controls to manage and protect data, including the use of cryptographic controls and secure network protocols to ensure the confidentiality, integrity, and authenticity of information. Our policies address the secure use of end-user computing devices, the prevention of malware, and the protection of mobile devices that access or store PHI, requiring features like full-disk encryption and remote wipe capabilities.

Vendor management is a critical aspect of our security program. We meticulously evaluate and monitor our critical vendors and service providers, ensuring they meet stringent security frameworks and standards, including obtaining compliance reports like SOC 2 and ISO certificates. Contracts with third parties that handle confidential data or provide critical services explicitly define responsibilities for data security, incident response, and data destruction upon termination.

In the event of a security incident or breach, My Medical Records has a defined Incident Response Plan to ensure rapid detection, containment, investigation, and resolution. We are committed to promptly responding to such events and communicating information related to them.

This Trust Center serves as a central resource, detailing our commitment to privacy, security, and compliance. As you explore further, you'll find detailed information on our policies, controls, and the measures we take to ensure the security of your medical records.

Documents

REPORTSHIPAA Report

Risk Profile

We have secure, reliable hosting that customers can depend on. We are happy to provide details about our risk mitigation practices and recovery objectives upon request.

Self-Assessments

We are working on our security compliance. We can provide completed questionnaires upon request.

AI

We take the usage of AI seriously in our organization and work to ensure security and reliability of the AI.

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Legal

We take legal matters seriously and we always engage our legal counsel to review all commercial activities. Please contact us if you have any questions.

Security Grades

We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.

Built onSafeBase by Drata Logo