Industry-Leading Processes You Can Count On—
Keeping you compliant and patient data secure.
The careMESH platform was built from the ground up to deliver a rigorous, compliant and user-friendly identity-proofing process that ensures all active users have their identity validated BEFORE gaining access to patient data.
Our Information Security Program is compliant with ISO 27001 leveraging our ISO 9001-compliant Quality Management System (QMS). All careMESH services comply with and exceed the requirements of HIPAA and NIST 800-63 and appropriate components are certified according to CEHRT 2015.
Our customers can rest assured that:
Enterprise customers are enrolled with strong procedural and technical processes meeting or exceeding all of the above standards.
Individual clinician enrollments combine smart multi-factor Identity Proofing (IDP) that includes the licensed provider’s official name, NPI number (from official government licensing sources), PLUS last 4 of SSN, Mobile Phone and DOB.
Patient Data, such as medical records and PHI included in messages, can only be sent to individuals via a Direct Protocol address or to individuals listed in the careMESH National Provider Directory and who complete the identity proofing process.