Eligible’s solutions are only available via TLS

Eligible to Act as Oscar’s Hosted Real-Time Eligibility Vendor

Supporting the Patient Protection Promise.
Read the blog post  Security.
Products  Save patients from surprise medical bills, and medical pro viders from delayed payments Patient Insurance Billing  Verify, estimate, and bill patients.

Provider Insurance Billing  Verify

submit, and bill insurers.
Pricing .
Browse Our Network .
Discover The Community .
Read The Blog .
Support.
Sign in.
Get Started.
Best-in-class security, privacy, and compliance.

Eligible applications and services are designed to safeguard your privacy

Automated controls ensure your data remains protected.
Industry proven, we are certified by: SOC2, HiTrust, CAQH, NIST.

Security  Secure by design

we are ever vigilant, continuously monitoring.
Privacy  We ensure customer and patient data remains confidential .
Industry Certified  We have been awarded major healthcare compliance certifications .
Our approach to security .

Eligible takes a holistic approach to security: risk assessment

threat protection, and constant monitoring are built into everything we do.
Secure by design.

To keep your data safe Eligible Security evaluates threat models

builds layered defenses, and as a component of every product and service we offer automates process controls, exception monitoring, and auditing.
Compliant by design.
Our systems are designed from the ground up with compliance in mind.
We know you care deeply about this subject, and we will never risk your confidence.
Our certification s prove our adherence to industry defined best practices.
Continuous monitoring.
We’re always watching – in a non-creepy kind of way.
Whether through automated systems or personal interaction , we maintain a constant state of oversight to ensure our systems are secure, reliable, and available.
Industry best practices .
Risk assessment, infrastructure as code, continuous integration, automated deployments, strict access and privilege escalation controls, vigilant monitoring, regular audits, incident response playbooks, penetration testing, staff training, and so much more.
Encryption.
Everything is encrypted at rest as well as in transit.
Confidential data is always encrypted, both at the client as well as server side.
Keys.

Master and SSL keys are securely stored in Hardware Security Modules

from where they are available to perform crypto operations but are never made directly accessible to anyone.
Transport layer security.
Eligible’s solutions are only available via TLS, and furthermore only support an approved subset of cipher suites with PFS, DHE, or ECDHE with DH params at 3072 bits or more.
Additional measures.
We run automated vulnerability scans and perform proactive patch management.
In addition, we regularly perform data-driven risk assessments.

In-Depth defense and layered security Many tiered security groups

Network and Host-based firewalls

Network and sub-network isolation.
Multi-factor authentication.
A low attack surface.
Everything as code Infrastructure.
Accounts and Permissions.
Auditing and Compliance.
Product documentation and references.
Privacy and confidentiality.
We always ensure customer and patient data remains confidential and secure.
All system design, development, implementation, testing, and deployment processes ensure that confidential information is always protected.
We adhere to regulatory and legislative compliance requirements, enforcing our commitment to the highest standards.
Confidential information is protected from unauthorized access, use, or disclosure during input, processing, output, retention, and disposition.
We address human factors in information security with awareness and policy compliance training provided to all staff.
Availability.
We pair deep redundancy with our ‘Defense in Depth’ architecture.
We offer high availability at every level, allowing for transparent scaling, and securing both resiliency and uptime for our customers.
We provide transparent status reports in real time, all the time.
Systems are deployed in geographically separated data centers.
We ensure the availability of our data and processing resources.
Services are monitored 24/7, with an immediate response provided for any incident.
We perform regular review and testing of disaster response plans.
Compliance at Eligible.
We have been awarded four major healthcare compliance certifications and have more on the way.
We invite external auditors to validate all we have built.
EHNAC accreditation.
These accreditations assure patients and providers that Eligible has accomplished the strictest compliance with privacy and security best practices while processing millions of healthcare cases each month.
Read the blog post  SOC II compliant.
We fully understand the role of a mature and proven information security program in meeting Eligible and customer goals.
We are happy to announce the successful completion of our Type II SOC2 review.
Read the blog post  HiTrust certification.
Achieving this certification helps us assure our customers and the companies with which we interact that we understand our responsibilities in keeping protected health information safe.

Read the blog post  CAQH CORE certification

This confirms that Eligible can exchange electronic healthcare information for eligibility, benefits, claims status, and EFT and ERA, .

In conformance with the Phase I-III CAQH CORE Operating Rules

Read the blog post  EHNAC.

Evaluates process & resources for Eligible and its CSP

SOC.
Ensuring strict adherence to trust service principles.
HITRUST.
Participating in healthcare’s common security framework.
CAQH CORE.
Standardizing and simplifying healthcare transactions.
NIST 800-53.
Enforcing security controls that meet federal requirements.
chevron_left chevron_right Make patients happier with transparent health insurance billing Start Now Contact Sales © 2020 Eligible, Inc.
Products.
Patient Insurance Billing.
Provider Insurance Billing.
Community.
Blog.
Get Started.
Sign In.
© 2020 Eligible, Inc.
Patient Medical Billing.
Insurance Medical Billing.
Community.
Blog.
Support.
Sign In.
Get Started.

Leave a Reply

Your email address will not be published. Required fields are marked *