About Us

IMX Medical Management Services is a national medical consulting company which has been providing Independent Medical Evaluations and Independent Review Services since 1995. We recruit, credential, coordinate, schedule and deliver quality reports on these medical services throughout the United States.

In 2016, IMX acquired First Rehabilitation Resources (FRR) a Medical and Vocational Case Management company based in Maryland. FRR has been delivering quality, cost-effective case management and excellent customer service to Clients since 1990.

In 2019, IMX and FRR were acquired by QTC, a Leidos company. QTC has conducted more than 9 million exams during their 40-year history meeting and exceeding customer quality measures. QTC’s extensive national network of physicians undergoes a rigorous training and credentialing program. 

Benefits to referring party

• IMX Network Evaluation Centers
• Comprehensive Network of Credentialed Providers
• Online Portal
• Estimated Fee Notifications
• Medical Record Reminders
• Electronic Medical Records Preparation
• Courtesy Examination Reminders
• No Rush Fees
• IMX Quality Assurance
• Advanced Operating Systems and Data Security

Electronic Medical Record Preparation

The benefit of this comprehensive record review is to determine the medical-legal issues in question. Frequently, the file can be complex and lengthy, so organizing the documents ahead of time will maximize the time and expertise of the reviewing physician. The results of this record preparation will often determine the most appropriate specialist for the review and the necessity of ancillary testing.

 

IMX Quality Assurance

IMX recognizes the need for strong quality assurance of providers reports, tasked with maintaining objective opinions supported by clear medical rationale. While our mission is to identify qualified providers that are familiar with performing Independent Medical Evaluations and Independent Review Services and provide them with education when needed, we also recognize the need to perform a retrospective quality assurance process to ensure that our standard of quality is maintained.

 

Our Commitment to Privacy and Cybersecurity

At IMX, a QTC company, we take our responsibility to protect our customers’ data very seriously and are committed to protecting the privacy and accuracy of your confidential information.  We apply industry-leading standards that align with the NIST Cybersecurity Framework (CSF) and NIST SP 800-171 (Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations) to protect your confidential information. 

Following this risk-based approach, IMX performs an annual IT Controls risk assessment.  IMX uses the results of this risk assessment to identify opportunities for improvement of existing IT controls and promptly implements any IT Controls needed to meet applicable industry, state, and federal laws and regulations. These regulations may include the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules as issued by the US Department of Health and Human Services (HHS) or any other laws that apply to our handling of your personal information.

IMX’s environment is protected with enterprise-grade security, including industry-leading security appliances. These appliances protect customer data from attacks targeting internet-facing applications and the underlying infrastructure. 

Internal auditors and independent third-party assessors perform continuous IT and Cybersecurity risk assessments using the NIST 800-37 Risk Management Framework to maintain an Authorization to Operate (ATO) from various Federal Government Agencies. We also perform assessments of our IT and Cybersecurity measures in connection with meeting our obligations under the Sarbanes-Oxley Act.  In adherence to these regulatory requirements, QTC’s IT General Controls for financial systems are evaluated by external auditors to ensure our systems’ security, availability, and processing integrity are operationally effective.  

IMX’s environment is continuously monitored by our Security Operations Center (SOC). Our IT professionals and the Computer Security Incident and Response Team (CSIRT) are organized to coordinate, contain, eradicate, and recover from computer security incidents and coordinate customer notification.  Furthermore, our Data Center partners utilize an independent, third-party cyber security firm that performs annual SOC 2 Audits for security compliance.