CASE STUDY

Mendix Achieves HIPAA Compliance with Drummond Methodology

Challenge

Mendix enables the healthcare industry and healthcare providers to provide safe, secure and innovative solutions that address patient and provider needs while maintaining strict privacy controls in compliance with the Health Insurance Portability and Accountability Act (HIPAA) protocols.

HIPAA validation assures compliance with strict U.S. privacy standards for personal health information. The regulations, mandated by the U.S. Department of Health and Human Services (HHS), establish national security and privacy standards for the handling of sensitive healthcare patient data. When Mendix was faced with choosing an independent third-party assessor to meet compliance requirements, it turned to Drummond. Drummond’s HIPAA Assessment helps organizations assess their current security control implementations against the HIPAA Security Rule to identify potential gaps in compliance with respect to the confidentiality, integrity, and availability of protected health information (PHI).

Approach

The HIPAA validation for Mendix was particularly timely due to the Covid-19 pandemic, which fast-tracked the need for virtual and remote healthcare solutions around the globe. Patients need mobile applications that give them the ability to schedule visits or connect directly with their medical providers, as well as easy access to their personal health data and medications. With Covid test tracking and contact tracing applications proliferating worldwide, Mendix’s assessment was completed just in time.

Drummond’s HIPAA compliance team validated Mendix’s compliance with the HIPAA requirements that govern the security and privacy of PHI in the United States.

Our team of experts performed the comprehensive HIPAA Gap Assessment to evaluate Mendix’s compliance with the HIPAA requirements regarding the confidentiality, integrity, availability and privacy of protected health information. The assessment scrutinized a broad range of safeguards, processes, policies and documentation. Mendix passed the evaluation without a single gap being identified.

Results

The HIPAA Gap Assessment for Mendix was conducted using the proven Drummond methodology, which verified that the essential controls required for HIPAA compliance are in place. As a result, Mendix’s HIPAA compliance helps its customers reduce risk and have confidence that Mendix is carefully safeguarding protected patient health information.

“Anytime you’re dealing with a healthcare environment, particularly hospitals, security and privacy are paramount concerns,” says Richard D. Palarea, CEO and co-founder of Kermit, a company that helps hospitals manage and dramatically reduce costs for “physician preference items” (PPI) using a solution it built on the Mendix platform. “While our work doesn’t touch patients directly, you can’t overestimate the value of verified HIPAA compliance to a hospital executive. It’s a credential that adds to our credibility. The fact that Mendix has third-party HIPAA validation is an important plus for us and our clients.”

About Mendix

In a digital-first world, customers want their every need anticipated, employees want better tools to do their jobs, and enterprises know that sweeping digital transformation is the key to survival and success. Mendix, a Siemens business, is quickly becoming the engine of the enterprise digital landscape. Its industry-leading low-code platform and comprehensive ecosystem integrate the most advanced technology to support solutions that boost engagement, streamline operations, and relieve IT logjams. Built on the pillars of abstraction, automation, cloud, and collaboration, Mendix dramatically increases developer productivity and empowers a legion of not-so-technical, ‘citizen’ developers to create apps guided by their particular domain expertise, facilitated by Mendix’s engineered-in collaborative capabilities and intuitive visual interface. Recognized as a leader and visionary by leading industry analysts, the platform is cloud-native, open, extensible, agile, and proven. From artificial intelligence and augmented reality to intelligent automation and native mobile, Mendix is the backbone of digital-first enterprises. The Mendix enterprise low-code platform has been adopted by more than 4,000 leading companies in 46 countries.

Ready to learn how Drummond can help you achieve HIPAA compliance?