Policies, Agreements, Terms & Conditions
MedStack Technology Compliance Policies
Information Transfer
Document information transfer security in agreements
- We do not directly transfer PHI to third parties.
Code | Section | Title |
---|---|---|
ISO | A.13.2.2 | Agreements on information transfer |
Cryptographically secure and sign communications
- Use encryption to protect all communications, including
- electronic messaging
- remote conferencing
- interactions with internet-based software applications
Code | Section | Title |
---|---|---|
ISO | A.13.2.3 | Electronic messaging |
SOC2 | CC6.7 | The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives. |
Document non-disclosure requirements in agreements
Code | Section | Title |
---|---|---|
ISO | A.13.2.4 | Confidentiality or non-disclosure agreements |
Enforcement
- Responsible party: All managers and supervisors
- sanctions: standard
References
Code | Section | Title |
---|---|---|
ISO | A.13.2 | Information transfer |
ISO | A.13.2.1 | Information transfer policies and procedures |
SOC2 | CC6.7 | The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives. |
Life Support Mental Health Inc. @ 2022
All Rights Reserved