Compliance with privacy regulations is important for every clinic that manages patient data. Using Brightsquid you can maintain compliance while managing day to day operations and keeping your clinic safe from ransomware.
Brightsquid compliant communication services adhere to over 140 regulatory requirements so you are protected against privacy breaches and can prove compliance in the event of an audit. Each year, Security Metrics performs a National Institute of Standards and Technology (NIST) 800-30 Risk Assessment on the Brightsquid platform to ensure continued compliance. All Brightsquid staff complete annual privacy certifications to maintain our high level of expertise.
Encryption does not equal compliance, nor does security. You can have encryption and security without being compliant with the law. However, you can’t be compliant without security and encryption.
Compliance with privacy regulations is good business practice. Regulatory requirements and guidelines are designed to keep patient data safe. Clinics that comply with privacy laws are better protected against patient data breaches such as ransomware that can shut down a clinic for days, weeks, or worse, permanently.
Authentication – Everyone who views information must be individually identified.
Auditability – Access must be tracked and stored for future reference.
Chain of Custody – You must be able to prove who came in contact with information.
There’s more to clinical privacy compliance than communications. In Alberta, privacy regulations mandate that all clinics assess and identify how patient information is collected, used, and disclosed from an administrative, physical and technical perspective. The process is called a Privacy Impact Assessment (PIA).
All custodians of patient information are required to submit a PIA to the OIPC under section 64 of the Health Information Act (HIA).
The Brightsquid privacy team, lead by Alberta’s PIA expert Ingrid Ruys, has completed more than 1,000 PIAs and has over 30 years of compliance consulting experience. We can help answer all your questions and complete your PIA or help you file amendments to an existing PIA when things change.