Though security and privacy sound like the same thing, did you know there are distinct differences between the two? It’s a common misconception to think that because you possess security, you remain private. However, despite security being occupied with securing sensitive data, privacy ensures that any transfer of data is done at the notice of an owner of sensitive data. In short, security is the goal of preventing an over breach of data, while privacy is more concerned with using this trust with data responsibly.
It is in patientNOW’s best interest to affirm clients that their patients will experience both security and privacy. Though the two differ, privacy is integral to the success of secure data protection. While patientNOW is an industry-leading EMR provider that provides the ultimate data protection, clients can also be satisfied in knowing that the privacy of their patients won’t run the risk of being shared or transmitted without their consent. Let’s consider the various aspects of security that patientNOW ensures and how privacy plays a role.
Protecting the Patient’s Privacy
Our software product allows physicians the possibility to not only efficiently manage their practice but the ability to engage with their patients. The ability to consistently engage patients is dependent on having access to certain information about a patient. This information includes many things that patients may be wary of giving out, including phone numbers and emails, especially if a breach of data occurs. However, with patientNOW, retaining the privacy of the individual is integral to the success of securing data. This means that patients don’t need to worry about the possibilities of having their data sold to other companies. If there is a desire to have data available to another source, a patient will be asked for permission. Any data given cannot be given out without the consent of the clients involved.
In the highly unlikely event of a breach of data occurring, we will be immediately notified Alert Logic, a platform that manages detection and responses, which we would then instantly communicate to physicians that use our service. We will explain information that was potentially exposed, what the root of the problem is and steps being taken to address the issue. What we communicate to a practice can then be relayed to a patient to address any concerns necessary.
What About Malware?
Malware is software that is intentionally malicious and can cause damage to a server, client or network. Types of malware include viruses, Trojan horses, spyware, ransomware and many others. With ransomware, the type of virus that threatens to publish a victim’s information for ransom, PatientNOW is at low risk. However, in the unlikely chance of one happening, patientNOW is capable of reverting any damage that has occurred. The backups that patientNOW use allows us to revert any data held by as much as 30 days.
Because patientNOW uses AWS for their securing data, they do not posit the risk of having web servers accessed because they aren’t accessible from the outside. The cloud-based system doesn’t run the risk of being affected by an outside source and, because they do not have any external-facing points.
Despite the AWS system having a low risk of being accessed, there is still a risk for clients because they need to use their own local machine. However, due to this, there is an added layer of protection because the AWS system cannot have their central server accessed by other clients. As well, because each client needs to have an on-sight server that transmits to the cloud-based system, there is no risk for clients that have experienced an attack to have that attack lead to affecting another. This inability for data to be hacked from client to client ensures that each client’s data remains secure from malware and gives them an added layer of privacy that keeps their information from being shared.
What Exactly is AWS?
AWS (Amazon Web Services) is a cloud-based system that makes use of the shared responsibility model. By using AWS, patientNOW can maintain an “air gap” between the storage of data and where that data is produced. This gap provides a physical distance that only increases security and leverages accountability for a breach of data. Any data given from patient to client will be encrypted and transmitted to an AWS server as an isolated tenant. As well, with the shared responsibility model, AWS takes responsibility for any type of patient privacy.
With Alert Logic integrated into the AWS system, any vulnerabilities will be instantly notified to a client. Alert Logic is constantly monitoring clients networks, providing verified results, recommending steps to correct a breach and identifying any suspicious activity. These activities include malware that may be disruptive to a client’s patients privacy. The Anomaly Detection feature of Alert Logic also tracks unusual file deletions, modifications, encryptions and alerts IT to security threats which quickly enables “safe” backup.
PatientNOW Is the Optimal Service For Ensuring Security and Privacy For Its Users
While security and privacy sound like the same thing, they aren’t. Security is a term that’s often used to describe the prevention of data from being touched. Privacy is meant to represent that the data that’s being prevented from being touched won’t be shared with anyone else. By ensuring that confidentiality will be emphasized by patientNOW, the service is effectively saying that they aren’t going to do anything with clients data without their consent. This assurance can relieve clients of not only their data being protected from disruptive activity but also their data being shared across the web.
If you’re interested in learning more about the difference between security and privacy, and how patientNOW is the optimal system for ensuring the two for medical professionals, please give us a call at 888-644-2987. We can provide you with detailed information about our services and how they can benefit you. Contact us today.