Jopari is compliant with state and federal security and privacy requirements. Jopari’s Security and Privacy controls are based on the Federal Government National Institute of Standards and Technology Framework Control Families (NIST https://www.nist.gov/ ). In addition, Jopari is compliant with the National Automated Clearinghouse Associations EFT Rules as well as the CAQH CORE Phase III EFT and ERA Operating Rules. Jopari’s Compliance Risk Management Governance Program ensures our applications and business processes are certified annually for SOC 2 Type II, SOC Cybersecurity and Shared Assessment AUP Risk Management Evidence Based Certification by the American Institute of Certified Public Accountants (AICPA).
“How can I verify Jopari’s applications are secured and meet federal and state requirements?”
Our customers and regulators expect independent verification of security, privacy and compliance controls. Jopari undergoes an independent third party audit certification on a regular basis to provide this assurance. This means that an independent auditor has examined the controls present in our data centers, infrastructure and operations. Jopari solutions has an annual audit for the SOC 2 Type II that cross references the following security and privacy control standards that includes HIPAA, FISMA, FEDRAMP, NIST , Cyber Security Framework, SIG, Cobit and GLB.
“Can I obtain a copy of Jopari’s Certification Audit report?”
The SOC 2 Type II report proves that our controls have been examined by an independent accountant. It represents the practitioner’s report on management’s assertion(s) that the entity’s business being relied upon is in conformity with the applicable Trust Services Principle(s), Security and Privacy Criteria. For Inquires relating to Jopari’s SOC2 Type II certification, please contact info@jopari.com for more information.
“What industry and standard setting organizations does Jopari Support?”
Jopari holds leadership positions in many of the following industry and standard setting organizations that we support in an effort to facilitate stakeholder electronic data interchange adoption across all lines of healthcare business:
- The Workgroup for Electronic Data Interchange (WEDI)
- ASC X12
- NCPDP
- National Uniform Billing Committee (NUBC)
- National Uniform Claim Committee (NUCC)
- The Electronic Payments Association (NACHA)
- CAQH CORE
- National Institute of Standards and Technology (NIST)
- Health Level Seven International (HL7)
- Cooperative Exchange, the National Clearinghouse Association
- International Association of Industrial Accident Boards and Commissions (IAIABC)
- National Council of Compensation Insurance (NCCI)
- National Council of Self Insurers (NCSI)
- California Workers’ Compensation Institute (CWCI)
- Workers’ Compensation Research Institute (WCRI)
- Workers’ Compensation Institute (WCI360)
- Southern Association of Workers’ Compensation Administrators (SAWCA)
- American Association of State Compensation Insurance Funds (AASCIF)
- Workers’ Compensation Claims Professionals (WCCP)
- Workers’ Compensation Insurance Organizations (WCIO)
- Health and Human Services Department (HHS)
- HHS Health Information Privacy
- HIPAA Privacy Rule
- HIPAA Security Rule
- Centers for Medicare & Medicaid Services (CMS)
- Transaction and Code Set Standards
- The National Committee on Vital and Health Statistics (NCVHS)
- AMA Workers’ Compensation and P&C eBilling Toolkit
- Healthcare Information Management Systems Society (HIMSS)
- Healthcare Billing Management Association (HBMA)
- Medical Group Management Association (MGMA)
- American Health Information Management Association (AHIMA)