Security & Compliance
Protecting sensitive healthcare information is a core responsibility at Cortex EDI. We implement administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of protected health information (PHI) in accordance with applicable healthcare security standards.
Our security program is designed to help healthcare providers, billing companies, and organizations securely transmit and manage electronic healthcare transactions.
HIPAA Compliance
Cortex EDI operates in accordance with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) and implements safeguards designed to protect electronic protected health information (ePHI).
Our security practices support the HIPAA Security Rule, including safeguards related to:
Cortex EDI can execute a Business Associate Agreement (BAA) with covered entities as required under HIPAA regulations.
Data Encryption
All data transmitted between users and Cortex EDI systems is encrypted using TLS (Transport Layer Security) with strong cryptographic protocols. TLS connections use modern cipher suites and certificate-based authentication with signature algorithms such as SHA-256 with RSA.
Sensitive data stored within Cortex EDI systems is encrypted at rest using industry-standard encryption protocols designed to protect against unauthorized access.
Secure Infrastructure
Cortex EDI systems are hosted in HIPAA-capable cloud infrastructure environments designed to provide reliable and secure service.
Infrastructure protections include:
Physical and environmental security controls are maintained by the hosting infrastructure provider to protect systems and hardware.
Access Control
Access to Cortex EDI systems is restricted to authorized users only.
Security controls include:
These controls help ensure that only authorized individuals are able to access sensitive system data.
Password Security
User passwords must meet minimum complexity requirements to improve account security.
Password requirements include:
User passwords are securely stored using one-way cryptographic hashing and are never stored or displayed in plain-text form. Users may change their password at any time.
Multi-Factor Authentication
Cortex EDI supports multi-factor authentication (MFA) as an additional layer of account protection. When enabled, users are required to verify their identity with a second factor in addition to their password at sign-in.
MFA helps protect against:
Account administrators can enable MFA for users at any time. Contact support@cortexedi.com to get MFA set up for your account.
Audit Logging
Cortex EDI maintains system logs that record user access and system activity within the platform.
Audit logs help support:
Logging and monitoring help support compliance with HIPAA technical safeguard requirements.
System Monitoring & Security Practices
Cortex EDI regularly monitors system infrastructure and security controls to help identify potential security risks.
Security practices include:
These practices help maintain a secure and reliable platform.
Security Policy Updates
Cortex EDI may update this security policy periodically to reflect improvements in security practices or changes in applicable standards.
If significant changes are made, we will make reasonable efforts to notify users through the contact email address associated with their account or through notices posted on our website.
Contact Information
If you have questions about security or compliance, please contact us:
To report a suspected security issue, please call (800) 485-5977.
Last Updated: March 2026