Security and Privacy Standards for the Modern Mental Health Therapists’ Electronic Office

| January 2, 2013
Security and privacy, mental health, MyOutcomes

Are you a behavioural health practitioner and are concerned about meeting security and privacy standards?

MyOutcomes is committed to meeting or exceeding current standards, here are some of the most common concerns identified across different electronic health information policies.

Physical Safeguards? – MyOutcomes’ server has an enterprise-class firewall and is housed in a data center with SAS-70 Type II Certification.

Access Control?  – All users have passwords and User Ids and assigned access to different levels of private health information. An automatic logout feature prevents unauthorized access to device screens.

Integrity Controls? – Electronic measures are in place to confirm that records have not been altered or destroyed.

Transmission Security? – Data is sent over SSL, while all aggregate data is automatically de-identified to protect private health information and 256-bit encryption of all transferred data serve to further ensure data security.

De-identified Client Information?  – When you are adding a new client, the Client ID in the top left field would be your organizations typical coding ID (This ID should be coded). To the right of the Client ID, you can enter the clients full name. This will help confirm the correct client, the client’s name is de-identified in our system, for example:

Client name: Jane Doe, and here is the same client name after it is encrypted and stored in the database:

251001dd885f0c6b510dbd9349d0514d386959c3c317837b93bbf66e9449c077d60c2216318f8953

The following “ Update User Info” video clip from our tutorial series further illustrates the password and access controls for different levels of users in MyOutcomes.

CTA-request-call-back-1

Pinterest Twitter Facebook Linkedin Youtube Email

Tags: , , , ,

Category: Privacy & Security, Private Practice

Comments are closed.