Privacy and security is Medchart’s top priority and our platform has been designed from the ground up with some of the most rigorous security and compliance standards in the world. Medchart engages globally with governments, regulators, standards bodies, and non-governmental organizations to ensure that our compliance offerings stay up to date. We ensure any transfer of health information is mediated by the patient who owns that data.

Privacy compliance

• Medchart complies with all federal and state privacy legislation including HIPAA, and more
• Every one of our US based requests is stored in US based servers
• Medchart staff all go through comprehensive background checks and are trained on state level privacy legislation as well as federal HIPAA and HITECH regulations
• [Visit] (https://www.medchart.com/privacy) our website for our Privacy Policy
• [Visit] (https://www.medchart.com/compliance) our website for our learn more about compliance

Bank level security

• Data is encrypted in transit and at rest. Validated by 3rd party penetration testing and TRAs
• Role based security access
• Built in audit trail into API design
• API logging and monitor
• [Visit] (https://www.medchart.com/security) our website to learn more about security

Patient mediated exchange

• Every transfer of health information happens with explicit patient consent to patient accounts