MDBilling.ca protects your data between our application (web and mobile app) and our servers, as well as files in storage. This means your files are secured from end-to-end with tough, 256-bit SSL encryption. The same level of security as your bank.
Business continuity is vital for all companies, particularly those on the front lines. We back up our entire suite every hour. That includes all of your data, which is stored in a secure facility. Should the unthinkable happen at your place of work or at home, we’ve got your back. Simply, log into your account and all of your claims, preferences and settings will be ready for you.
We’ve gone great lengths to ensure that not only do we believe our systems protect your data but that independent parties have confirmed our platform to be safe and secure. MDBilling.ca has successfully completed conformance testing to meet the standards of the Ministry of Health & Long Term Care which allows secure access to MCEDT and Health CardVerification (HCV). In addition, we have undertaken and finalized a Privacy Risk Assessment (PIA) and Threat and Risk Assessment (TRA) by a certified third-party vendor.
To further restrict access to your data, we have implemented an advanced Web Application Firewall (WAF) from Cloudflare. This ensures that only people working from authorized locations can log into our systems while protecting from malicious activity like DDoS attacks, malicious bots, and other nefarious intrusions.
Our servers are scanned for vulnerabilities regularly. These scans test our servers to identify any new security problems. Security concerns are addressed and contained quickly. In addition, we have employed third-party security experts to perform detailed penetration tests on different applications within our family of products.
From the day someone starts with MDBilling.ca we focus on privacy. Our employee onboarding program includes extensive training on privacy and their legal obligation to protect Personal Health Information (PHI). As well, on a continuous basis our staff is required to complete periodic training and assessments to ensure that everyone understands and keeps privacy at the top of their mind.
We take privacy regulations seriously. We are in compliance with Ontario’s PHIPPA and British Columbia’s FIPPA & PIPA regulations and have completed a Privacy Impact Assessment (PIA) that verifies PHI is safely stored and shared only with those who are also in compliance and have a need for the data (like the Ministry of Health and Long-Term Care, for example).
MDBilling.ca is 100% privately owned and operated by Canadians and your data is stored in securely Canadian facilities. Our sole source of revenue is from payments to our customers from our products and services. We will not monetize your data, nor target you with sales campaigns by another organization.
Do not share passwords with other people or services, and choose a password that is not easy to guess. When creating an account or resetting your password, you can use our password strength tester to test your password.
Two factor authentication (2FA) requires two pieces of identity before allowing you to sign in to your account. This helps to ensure you are who you say you are and that your password is still controlled by you. Once configured, in addition to your password, MDBilling.ca will ask you to provide a code when you log into a new device or 90 days has passed since you last entered two step authentication. Set up is simple. Configure your account for two factor authentication.
In order to steal confidential information, attackers may impersonate MDBilling.ca or other services you trust. Please pay special attention to unfamiliar e-mails, websites and links, and don’t let these contents trick you into entering confidential information such as passwords. Also, if you see something suspicious on MDBilling.ca, please report the problem to us.
We have implemented granular logs to see who has accessed your patient records. We continuously monitor these logs and take rapid action on any suspicious activity.
MDBilling.ca makes it easy to manage your medical billing duties but in some cases you may want to delegate this work to someone else. As a best security practice, be sure to only grant permission to people you know and trust, restrict their privileges to only the data they need and remove those who have left your organization immediately. You can add users and revoke access to your account with just a few clicks. Learn more about user management.