One of our greatest responsibilities at Medipass is ensuring the information that we manage is secure and confidential. We make this responsibility a priority and are committed to remaining an industry leader in this space.
What we do to protect information
In order to deliver a service that meets our high expectations for information security, we employ a range of policies and processes specifically designed to ensure a high level of security, and to keep it there.
Medipass is committed to optimising our information security performance consistent with our risk appetite. In providing services to our clients, Medipass Solutions has access to their information and we expect that all staff and contractors have a clear understanding of their information security obligations. Medipass also has our own information much of which needs to be secured to enable the business to operate effectively.
As a medical insurance claims software developer for our clients, Medipass is committed to industry standards for the development lifecycle and the incorporation of information security into each phase of this lifecycle. We will ensure that information security is a key element of this and our ongoing client servicing.
To assist us in assuring our information security performance, Medipass is committed to the implementation, maintenance and continual improvement of our Information Security Management System. Medipass will assure the ISMS through seeking compliance with and certification to ISO 27001. The purpose of this ISMS and this policy is to achieve the following objectives:
Medipass is committed to ensuring that our ISMS is capable of meeting owners, clients and legal requirements for information security. To achieve this end, Medipass is fully committed to the recruiting and skilling of its staff to deliver information security outcomes that are consistent with our risk appetite.
If you’ve discovered a security vulnerability in our platform or service, please email us at firstname.lastname@example.org. We will respond promptly. To help us resolve the issue quickly, we request that you:
We won’t take legal against you or administrative action against your account if you act accordingly.
Although we do not have a security “bounty program”, we’ll make best endeavours to recognise your goodwill.
If you have any questions about security or privacy, please contact us at email@example.com.
Alternatively, you may use the following PGP key to encrypt your communications with Medipass.