myHealthKeeper Privacy and
Security Policy
We design and manage our site to meet and exceed current
industry standards of privacy, security, and confidentiality including the
Health Insurance Portability and Accountability Act of 1996 (HIPAA).
HuComm Solutions has considered the requirements of its
customers, federal and industry standards to provide data security and privacy
using the best of modern technology a privacy plan requires both products and
processes to prevent any compromise of patient data.
These require continual review and adjustment. HuComm Solutions is
committed to the ongoing inspection and our data security and privacy position,
to be expressed through this and other documentation made.
Security Architecture
myHealthKeeper invokes a security architecture that involves
four different areas of protection.
-
Physical Site Security
-
Network Level Security
-
Server and Session Security
-
Application Layer Security
Physical Site Security
All user-identifying information is stored in a secured
database that is field level encrypted.
The site has security measures in place to protect against the loss misuse and
alteration of the information under our control.
Network Level Security
The
myHealthKeeper system perimeter access is controlled by proxy firewall
mechanisms and around the clock detection.
Client data is logged, archived and stored in a central data vault under the
control of HuComm Solutions. Internal
transport layer communications are currently secured with industry standard
encryption technology.
Another important
element of any security strategy is the prevention of data attacks before they
occur provided by real time scanning of dedicated servers.
Security audits are conducted with members of the myHealthKeeper
technical teams to review of daily and quarterly assessments
Server and Session Security
myHealthKeeper requires encryption of transmissions that
contain any patient healthcare or patient-identifying information.
When transmitting data for display in a supported browser
(Explorer 5 or greater) myHealthKeeper presently allows requires 128-bit
encryption configuration on client connections.
Authentication with a proper digital certificate is required before
batch transfers of data transmitted in theses transfers is via SSL encryption.
No unencrypted transactions occur with any Internet products that run on
the myHealthKeeper platform. In addition, no transmission, with the exception
of messages generated by clients, ever contains both patient identifying
information and healthcare information.
Application Layer Security
The myHealthKeeper uses web servers that process using 128-bit
encryption HTTPS transactions from using the Internet.
The web servers authenticate the initial identification of a user, which
remains at transaction session.
What Kind of Web Site is This?
This is a unique kind of web site – a collaborative working
tool for monitoring your health. The
more information you enter, the more benefit you will get from the site’s
services. By entering data into
the record pages you will be able to create graphs and reports that will show
trends of your health condition over time.
You can then share this information with your healthcare team.
Our information gathering and dissemination practices for this
site consist of a system to create and store patient health records in order
for patients and their health professionals to collaborate to better maintain
patients health. Patients must
obtain a unique login name and a password before you can use the site.
myHealthKeeper is not engaged in rendering medical advice.
myHealthKeeper may share non-personal, non-identify summary, and /or
aggregate data with its partners and other third parties.
The myHealthKeeper registration process requires that patients
give us some specific personal information (name, address, date of birth, email
address, etc.) Using registration
information we develop a Profile for you in order for you to receive optimal
benefit from the site.
We use your Profile to tailor your experience at our site, by
matching your profile with our prescreened for content and commerce related
information. We do no share your
personally identifying information with our partners or third parties without
your approval. The data entered
into the myHealthKeeper system is never deleted without a prior written request
from a customer.
Sharing Access to Your Health Record with Your Health
Professionals
Patients share information with Health Care Professionals at
the clinic level. It is then the duty of the clinic to administer permissions
for their Health Care Professionals registered within the system.
myHealthKeeper provides a simple system for a patient to find their clinic and
determine if their clinic currently has read only access to their information.
If a clinic is not listed in the “My Clinics” section of the myHealthKeeper
system or is set to be “Referenced Only”, then the clinic does not have any
access to the Patient’s information.
A health care professional may only add comments to data
included in the myHealthKeeper system. A health care professional may not add
or alter data. The only exception to this rule is if the health care
professional is linked to a prescription. If the professional is linked to a
prescription, then the professional may alter the prescription or remove
themselves from that prescription.
When access to a patient’s information is altered the patient
and/or the clinic is notified via a system message. In addition, when a
prescription that a client is linked to is altered, all individuals linked to
that prescription are notified.
You may REVOKE a clinic’s ability to access your health record
at any time. To GRANT a clinic
access to your health record, it must be a registered clinic within the
myHealthKeeper system.
Resources
Resources are chosen by our clinical team based up to their
interpretation of current good medical practice current research findings, and
the health recommendations of prominent private and government institutions
(such as the American Diabetes Association, the American Academy of Allergy,
Asthma and Immunology National Institutes of Health and Centers for Disease
Control and Prevention).
External Web site links provided on this site are meant for
convenience and for informational purposes only they do not constitute an
endorsement. No person should act
or rely on any information on this site or linked to this site, without seeking
the advice of the appropriate profession to which the information applied.
All information is intended for your general knowledge only
and is not a substitute for medical advice treatment for specific medical
conditions. Your healthcare
provider should be consulted to discuss at related questions and prior to
starting any exercise route.
Contacting the Web Site
If you have any questions about this statement, the practices
of this site, or your dealings with this Web site, you can contact:
HuComm Solutions, LLC
10011 Bridgeport Way Suite 1500, PMB 296
Lakewood, WA 98499
admin@myhealthkeeper.com
HuComm Solutions is committed to protecting the privacy of
everyone who uses this site and demonstrates its commitment to privacy through Privacy
and Security Policy measures.
WE WILL NEVER WILLFULLY SELL, TRADE, RENT, OR LOAN
IDENTIFIABLE PERSONAL INFORMATION TO A THIRD PARTY WITHOUT FIRST RECEIVNG YOUR
PERSMISSION. UNLESS LEGALLY REQUIRED TO DO SO, WE MAY PROVIDE AGGREGATED DATA
TO OUR CLIENTS AND NOTHING IN THE AGGREGATED DATA WILLL IDENTIFY ANY INDIVIDUAL
PATIENT. HOWEVER, YOUR
PROFESSIONAL PRACTICE MAY RESIDE UNDER WITHIN THE BUSINESS DOMAIN OF ONE OR
MORRE OF OUR CLIENTS TO WHOM WE MAY PROVIDE A DATA, AND THIS DATA MAY IDENTIFY
YOU.