MARS-E Compliance

MARS-E is based on the NIST Special Publication 800-53, but has its own peculiarities. Our senior-level security consultants are well versed in both the nuances of the requirements and their technical implementation in today’s leading cloud-enabled healthcare systems.

38North’s team of senior cloud security advisors can help your exchange achieve MARS-E compliance, and deliver critical, secure cloud-enabled services to your enrollees and the public. Trust Us to Get You There.

Key MARS-E Requirements for NIST Special Publication 800-53

EHR Certification
Security Guidance
Privacy Guidance

EHR Certification

MARS-E 2.0 requires the use of a certified Electronic Health Record (EHR) system in order to be compliant. The certification must meet the requirements of the Office of the National Coordinator for Health Information Technology (ONC).

We’ve helped numerous organizations meet and prove these requirements. Just give us a call today.

Security Guidance

The Centers for Medicare & Medicaid Services identified a Catalog of Minimum Acceptable Risk Security and Privacy Controls for Exchanges (MARS-E), which focuses on systems with Moderate security categorization, provides a baseline for minimum acceptable security risk, outlines FTI protection requirements, and specifies implementation standards with linkages to CMS ACA security implementation guidance documents. The controls are based on the HHS ACA Regulations specified in 45 CFR §155.260 and NIST SP 800-53 Rev 4.

Got all that? Don’t worry. We speak MARS-E and can help you identify which controls are needed to ensure security.

Privacy Guidance

The Centers for Medicare & Medicaid Services requires exchanges to provide user access to view and correct personal data stored in the exchange, and transparency around data integrity, among many other requirements. Baking these controls into your cloud-enabled services requires a team that has intimate knowledge of the requirements. Run-of-the-mill security consultants may give you the runaround when they encounter MARS-E.

38North MARS-E Compliance Services

We can do everything from showing where your program is lacking to building a fully-compliant security program.

Obtain MARS-E Compliance with 38North

Book an initial MARS-E compliance conversation with one of our global security experts today and we’ll show you how MARS-E compliance can help open new markets and provide industry-leading assurance.

Contact Us

(Please do not provide additional PII in this box)
This field is for validation purposes and should be left unchanged.