Mendix Raises the Low-Code Bar Again With New, Gold-Standard Certifications for Healthcare Data and Payment Processing
Mendix Cements Position as Industry’s True Enterprise-Grade Low-Code App Development Platform, Even for Sensitive Financial and Healthcare Use Cases
Mendix, a Siemens business and global leader in low-code application development for the enterprise, announced that it has received two key cloud security and privacy certifications: ISO/IEC 27017 for information security controls for cloud services and ISO/IEC 27018 for protection of personally identifiable information in the cloud. Additionally, an independent third-party assessor, Drummond Group, has validated Mendix’s compliance with the HIPAA requirements, the regulation created to implement the Health Insurance Portability and Accountability Act, which governs the security and privacy of patient health care information in the United States.
Together, these certifications and validation, along with a series of other credentials it previously earned, put Mendix ahead of every other low-code platform for security and healthcare privacy. Organizations of every description — from health care, to finance and insurance, to virtually any enterprise that leverages the cloud and requires the highest levels of security and privacy — can confidently use the Mendix low-code platform to build their digital solutions.
The HIPAA validation is particularly timely in light of the Covid-19 pandemic, which has fast-tracked the need for virtual and remote healthcare solutions around the globe. Patients need mobile applications that give them the ability to schedule visits or connect directly with their medical providers, as well as easy access to their personal health data and medications. And Covid test tracking and contact tracing applications are proliferating throughout the U.S. and the world.
Drummond Group, a recognized leader in healthcare and HIPAA compliance, performed its comprehensive HIPAA Gap Assessment to evaluate Mendix’s compliance with the HIPAA requirements regarding the confidentiality, integrity, availability, and privacy of protected health information. The assessment scrutinizes a broad range of safeguards, processes, policies and documentation. Mendix passed the evaluation without a single gap being identified.
“The HIPAA Gap Assessment with Mendix was conducted using the proven Drummond methodology, and through that we were able to verify the essential controls required for HIPAA compliance are in place,” said Justin Graham, Drummond HIPAA certification expert. “We know how important it is for Mendix to be HIPAA compliant for their customers to reduce their risk and have confidence that Mendix is carefully safeguarding protected patient health information.”
Mendix enables the healthcare industry and healthcare providers to provide safe, secure, and innovative solutions that address patient and provider needs, while maintaining strict privacy controls in compliance with HIPAA protocols.
“Anytime you’re dealing with a healthcare environment, particularly hospitals, security and privacy are paramount concerns,” says Richard D. Palarea, CEO & co-founder of Kermit, a company that helps hospitals manage and dramatically reduce costs for “physician preference items” or PPI, using a solution it built on the Mendix platform. “While our work doesn’t touch patients directly, you can’t overestimate the value of verified HIPAA compliance to a hospital executive. It’s a credential that adds to our credibility. The fact that Mendix has third-party HIPAA validation is an important plus for us and our clients.”
Secure processing of credit card data and protection of personally identifiable information are two additional security requirements that have become paramount as businesses pivoted to curbside pickup, online-only transactions, and other socially distanced practices during the pandemic. Late last year, the Mendix platform became Payment Card Industry Data Security Standard (PCI DSS) Level 1 certified, the highest level of certification for processing credit card transactions. Enterprises can use Mendix to create applications that involve storing, processing or transmitting cardholder data or other sensitive authentication data, knowing that the Mendix cloud and processes have been vetted by a PCI Qualified Security Assessor.
“Make no mistake about it — we take the security and compliance of our customers’ applications and data in the cloud with the utmost seriousness,” said Frank Baalbergen, chief information security officer at Mendix. “Certainly, no other low-code platform, and few platforms of any type, can match the level of third-party certification and validation that Mendix has earned. Transactions are moving online at an ever-increasing pace. It is imperative that businesses and consumers know that their information, especially sensitive healthcare and financial data, are safe. Mendix will always go the extra mile to make it so.”
The International Organization for Standardization and International Electrotechnical Commission are independent, international standards organizations, both based in Geneva, Switzerland. ISO and IEC are recognized around the globe as the de facto standard for publishing standards in any market. HIPAA is the Health Insurance Portability and Accountability Act of 1996, which, together with the mandated regulations from the U.S. Department of Health and Human Services, establishes national security and privacy standards for the handling of sensitive health care patient data.