Ametros’ Security Measures
Ametros is the largest administrator in the country and takes its responsibility to maintain the security of its referral partners, clients, and members very seriously.
- Ametros complies with all technology standards, and is HIPAA compliant (for handling personal health information) and PCI compliant (for handling payments).
- Ametros complies with state regulations for the handling of personal information.
- Ametros maintains a substantial cyber security coverage policy.
- The funds are placed in a separate interest-bearing account under the name and Social Security Number or Tax ID Number of the injured party. Ametros acts as the custodian, managing the incoming bills and outgoing payments. Since the funds are placed under the individual claimant’s name, the funds will be protected should Ametros ever become insolvent.
- Funds are placed in a separate checking account. The funds are never pooled. Each account is insured by the Federal Deposit Insurance Corporation (FDIC) up to $250,000.
- We are compliant with industry best practices and train our team on security protocols. We also hire third parties to independently conduct routine audits of our financials, technology systems, and policies and procedures to ensure our security is solid at all times.
- All of the sensitive data Ametros handles is hosted in secure colocated facilities that maintain the highest levels of protection. We can provide their SOC-1 (SSAE16), or SOC-2 reports as requested.
- We partner solely with vendors that have strong and verifiable security policies.
- Ametros enforces security protocols involving encryption and secure file retention systems; all email is secure.
- Ametros works with independent third parties to conduct penetration tests of its systems.
- Independent third parties also test our personal health information controls, complete financial and policy audits, and provide training for Ametros.