Keeping Patient Data Confidential

Published: 04/21/2014

Under the Health Insurance Portability and Accountability Act (HIPAA), health care providers must take reasonable steps to protect the privacy of patients regarding their health care information. That means companies that provide services to health care providers are also responsible for protecting patient privacy. We here at Business Promotion take that responsibility seriously.

The internet was originally Arpanet, a project of the Defense Department. Unfortunately, when researchers were first developing the email protocols we still use today, they seem to have assumed that the whole network would be secure, and therefore there was no need to make email itself secure. Now that the internet is wide open for anyone to use, that means emails can be fairly easily intercepted. Even if you use an encrypted SSL connection to your email server, that connection only covers the link between you and that server, and there's no guarantee that every step between sender and recipient is secure. That is why you should never send confidential patient information via email.

Our online Patient Forms service uses 256-bit encryption to encrypt patient data before placing it in a database. This means that even if someone gains direct access to the database, they cannot read the patient data. Also, because of the problem with email security mentioned above, we will not email the patient data. Instead, we send an email notifying your office that a patient has filled out the online form, and give you a link so you can log into the admin area of your site in order to securely download the patient data. Thus, your patients can be assured that their data remains private.
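
An added sketch of the design described above, not Business Promotion's actual code: a form submission is encrypted before it is stored, and the notification email carries only a link. It assumes AES-256-GCM (the article says only "256-bit encryption"), a key held outside the database, and hypothetical names throughout (`encryptRecord`, `decryptRecord`, `buildNotification`, `leaksAny`, the `example.invalid` admin URL).

```javascript
const crypto = require('node:crypto');

// Assumption: AES-256-GCM; the article only says "256-bit encryption".
// Assumption: the key lives outside the database (environment or key service).
// A key stored next to the rows would not protect them from database access.
const KEY = crypto.randomBytes(32); // constructed for this demo

// Constructed sample submission, not real patient data.
const SAMPLE = { name: 'Jane Example', dob: '1980-01-01', notes: 'allergy: penicillin' };

// Encrypt one form submission into the row that is written to the database.
function encryptRecord(record, key, formId) {
  const iv = crypto.randomBytes(12); // fresh nonce for every record
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(formId)); // ties the ciphertext to its row id
  const ct = Buffer.concat([cipher.update(JSON.stringify(record), 'utf8'), cipher.final()]);
  return { formId, iv: iv.toString('base64'), ct: ct.toString('base64'),
           tag: cipher.getAuthTag().toString('base64') };
}

// Decrypt a row for an authenticated admin download; throws if the row was altered.
function decryptRecord(row, key) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(row.iv, 'base64'));
  d.setAAD(Buffer.from(row.formId));
  d.setAuthTag(Buffer.from(row.tag, 'base64'));
  const pt = Buffer.concat([d.update(Buffer.from(row.ct, 'base64')), d.final()]);
  return JSON.parse(pt.toString('utf8'));
}

// The email names no patient and quotes no answers: only an opaque id in a link.
function buildNotification(row, adminBaseUrl) {
  return { subject: 'A patient has completed an online form',
           body: `Log in to download it: ${adminBaseUrl}/forms/${encodeURIComponent(row.formId)}` };
}

// True if any submitted value appears verbatim in the given text.
function leaksAny(text, record) {
  return Object.values(record).some((v) => text.includes(String(v)));
}

const row = encryptRecord(SAMPLE, KEY, 'form-0001');
const mail = buildNotification(row, 'https://example.invalid/admin');
console.log('stored row leaks plaintext:', leaksAny(JSON.stringify(row), SAMPLE));
console.log('email leaks plaintext:', leaksAny(mail.subject + mail.body, SAMPLE));
console.log('round trip ok:', decryptRecord(row, KEY).name === SAMPLE.name);
```

The confidentiality of the stored rows depends entirely on where the key is kept, which is why the sketch never writes it into the row.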


Author: Eric Stone
Position: Senior Web Developer
Eric Stone has been working in website development since 1999, and has been with Business Promotion since 2009.

