We're Hiring!
Take the next step in your career and work on diverse technology projects with cross-functional teams.
LEARN MORE
Mountain West Farm Bureau Insurance
office workers empowered by business technology solutions
BLOG
8
19
2015
1.24.2023

The 3 Classes of MARS-E for ACA Compliance

Last updated:
9.16.2020
1.24.2023
No items found.

The Patient Protection and Affordable Care Act of 2010 (ACA) requires each state to have a health insurance Exchange, a marketplace where consumers can easily shop around for health insurance and find the best option for them by comparing price, benefits, services, and quality. In order to obtain Health Insurance Exchange (HIX) compliance, Section 1561 requires that certain security standards and protocols be met by these Exchanges in order to make every effort to protect and ensure the confidentiality, integrity, and availability of the system and its users.

MARS-E encompasses Management, Technical, and Operational classes

These Minimum Acceptable Risk Standards for Exchanges (MARS-E) are separated into three different classes: technical, operational, and management. These classes consist of nineteen various control families, handling everything from Personally Identifiable Information (PII) to Protected Health Information (PHI), and Federal Tax Information (FTI).

 

TECHNICAL

 

OPERATIONAL

MANAGEMENT

There is one last control family that is not a part of one of the three classes, and that is FTI Safeguards, the additional controls required by the IRS Publication 1075, which puts in place safeguards for protecting Federal Tax Returns and Return Information.

 

THINGS TO CONSIDER

When launching a MARS-E or HIX compliance program the first step you should take is getting to know the federal and state requirements. Then you go on to assess your levels of compliance within your company, and identify areas that are at risk or could be improved. You will also want to establish your system to monitor ongoing compliance, so that you can ensure compliancy at all times.

Recent Blog Posts

lunavi logo alternate white and yellow
1.24.2023
11
.
18
.
2022
Business Intelligence: The Present and Future with Director of Data Analytics, Jeff Thomas

Join us as we dive into the world of data analytics with our very own, Jeff Thomas. With 18 years of experience in this field, Jeff shared valuable knowledge and insight on the current trends of data analytics and where he believes the field is headed. We also discussed the challenges and barriers that enterprises face when implementing data analytics practices, Jeff explains how to rise above these challenges and use data to your competitive advantage.

Learn more
lunavi logo alternate white and yellow
1.24.2023
02
.
15
.
2022
Service Changes Coming to Microsoft 365 & Office 365

The NCE offers new subscription terms including 12-month and 36-month plans priced lower than monthly contracts. In addition, it is easier to add seats, cancellation policies are more consistent, and there are two promotional options to lock in a better rate for your current renewal. However, the mandatory new plans do include price adjustments.

Learn more
lunavi logo alternate white and yellow
1.24.2023
01
.
21
.
2022
Automate Your Cloud with Azure Bicep

Azure Bicep is a great way to implement Infrastructure as a Code to automate the provisioning of Azure resources. In this post, I’ll get you started by describing how Bicep language works as well as key differences and similarities between Bicep and ARM Templates.

Learn more