Mendix enables the healthcare industry and healthcare providers to provide safe, secure and innovative solutions that address patient and provider needs while maintaining strict privacy controls in compliance with the Health Insurance Portability and Accountability Act (HIPAA) protocols.
HIPAA validation assures compliance with strict U.S. privacy standards for personal health information. The regulations, mandated by the U.S. Department of Health and Human Services (HHS), establish national security and privacy standards for the handling of sensitive healthcare patient data. When Mendix was faced with choosing an independent third-party assessor to meet compliance requirements, it turned to Drummond. Drummond’s HIPAA Assessment helps organizations assess their current security control implementations against the HIPAA Security Rule to identify potential gaps in compliance with respect to the confidentiality, integrity, and availability of protected health information (PHI).
The HIPAA validation for Mendix was particularly timely due to the Covid-19 pandemic, which fast-tracked the need for virtual and remote healthcare solutions around the globe. Patients need mobile applications that give them the ability to schedule visits or connect directly with their medical providers, as well as easy access to their personal health data and medications. With Covid test tracking and contact tracing applications proliferating worldwide, Mendix’s assessment was completed just in time.
Drummond’s HIPAA compliance team validated Mendix’s compliance with the HIPAA requirements that govern the security and privacy of PHI in the United States.
Our team of experts performed the comprehensive HIPAA Gap Assessment to evaluate Mendix’s compliance with the HIPAA requirements regarding the confidentiality, integrity, availability and privacy of protected health information. The assessment scrutinized a broad range of safeguards, processes, policies and documentation. Mendix passed the evaluation without a single gap being identified.
The HIPAA Gap Assessment done for Mendix was conducted using the proven Drummond methodology. This methodology verified that the essential controls required for HIPAA compliance are in place. As a result, Mendix’s HIPAA compliance helps its customers reduce risk and have confidence that Mendix is carefully safeguarding protected patient health information.
“Anytime you’re dealing with a healthcare environment, particularly hospitals, security and privacy are paramount concerns,” says Richard D. Palarea, CEO and co-founder of Kermit, a company that helps hospitals manage and dramatically reduce costs for “physician preference items” (PPI) using a solution it built on the Mendix platform. “While our work doesn’t touch patients directly, you can’t overestimate the value of verified HIPAA compliance to a hospital executive. It’s a credential that adds to our credibility. The fact that Mendix has third-party HIPAA validation is an important plus for us and our clients.”