Do you want to pay a healthcare bill online? Make a payment now

CAQH CORE<sup>®</sup>

CAQH CORE®

The InstaMed Network is the first to be CAQH CORE (Committee on Operating Rules for Information Exchange) Phase I, Phase II and Phase III certified. The CAQH CORE rules address data critical to the healthcare revenue cycle, and cover specific requirements for exchanging information.

caqh.org

DigiCert

DigiCert

InstaMed uses TLS with 128 or 256-bit encryption using digicert certificates to provide trusted, secure eCommerce connectivity.

digicert.com

EHNAC

EHNAC

InstaMed is the first company to achieve full accreditations with the Healthcare Network Accreditation Program (HNAP) and the Financial Services Accreditation Program (FSAP) from the Electronic Healthcare Network Accreditation Commission (EHNAC). The EHNAC HNAP accreditation recognizes excellence in health data processing and transactions, and indicates that accredited organizations exceed industry-established standards and comply with HIPAA regulations. The EHNAC FSAP accreditation demonstrates that an organization meets a high standard of quality in handling protected health information and follows industry-established criteria for processing payments.

ehnac.org

EMV

EMV

InstaMed is certified with all four card brands for contact Europay, Mastercard and Visa (EMV) on the InstaMed Payment Card interface. EMV is a global standard for authenticating credit and debit card transactions with integrated chip cards at capable point of sale (POS) terminals. EMV certification ensures InstaMed can offer security for processing these chip cards.

mastercard.com

Healthcare Payments P2PE

Healthcare Payments P2PE

InstaMed is a PCI-Validated P2PE v3.0 Solution Provider. InstaMed offers healthcare organizations security for stored and processed payment card data available in the healthcare industry.

pcisecuritystandards.org

HIPAA

HIPAA

InstaMed is compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which defines privacy and security guidelines and standards for the healthcare industry, and  the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, which supports the enforcement of HIPAA requirements by raising the penalties of health organizations that violate HIPAA Privacy and Security Rules.

hhs.gov

HITRUST

HITRUST

InstaMed is certified for the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a certifiable framework that offers organizations a comprehensive and efficient approach to regulatory compliance and risk management. HITRUST CSF incorporates healthcare-relevant federal and state regulations and standards into a single overarching security framework.

hitrustalliance.net

NACHA

NACHA

InstaMed is compliant with the National Automated Clearing House Association (NACHA) Operating Rules, which determine the legal framework for the ACH Network. NACHA is the not-for-profit association that manages the development, administration and governance of the ACH Network.

nacha.org

PCI

PCI

InstaMed is certified as a Level One v4.0 Service Provider with the Payment Card Industry Data Security Standard (PCI DSS), as well as the Visa Cardholder Information Security Program (CISP) and Mastercard Site Data Protection (SDP) Program.

pcisecuritystandards.org

Secure, Redundant Data Centers

Secure, Redundant Data Centers

InstaMed operates state of the art secure, redundant, geographically dispersed data centers to offer superior levels of security and reliability.

SSAE18 SOC 1 and SOC 2

SSAE18 SOC 1 and SOC 2

InstaMed has completed the Statement on Standards for Attestation Engagements (SSAE) No. 18 SOC 1 and SOC 2 Type II, “Reporting on Controls at a Service Organization.” These standards are issued and governed by the American Institute of Certified Public Accountants (AICPA).

aicpa.org

TrustedSite

TrustedSite

InstaMed is regularly scanned for vulnerabilities by TrustedSite.

trustedsite.com

Trustwave

Trustwave

InstaMed is audited and scanned for PCI compliance by Trustwave, the leading provider of data security and compliance services to all businesses in the payment industry including acquirers, service providers, third-party providers and merchants. This includes regular onsite assessment, monthly vulnerability scans and penetration testing.

trustwave.com