HIPAA and Privacy Procedures

CMed understands the critical importance of security and backs this up with two leading international designations.

We are HIPAA compliant and use a variety of industry-leading security mechanisms.

CMed follows the ISO/IEC 27001 information security management standards. This standard means that CMed follows specific recommendations intended to bring information security under explicit management control. These standards require, among other things, that management:

• Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities and impacts;
• Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable
• Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.