All Alembico users or support agents.
Review of the main elements of privacy protection
Your privacy obligations when using Alembico
Privacy: Privacy is defined as the right of an individual to keep his/her individual health information from being disclosed. This is typically achieved through policy and procedure. Privacy encompasses controlling who is authorized to access patient information; and under what conditions patient information may be accessed, used and/or disclosed to a third party.
PHI: Personal health information (PHI) includes oral or written information about the individual, if the information:
Any other information about an individual that is included in a record containing personal health information is also included in the definition.
Personal health information (PHI) is one of the most sensitive types of personal information that is frequently shared for a variety of purposes, including care and treatment, health research, and managing health care systems.
PHIPA: The Personal Health Information Protection Act (PHIPA) sets out rules for the collection, use and disclosure of personal health information.
The rules apply to all health information custodians and to individuals and organizations that receive personal health information from health information custodians.
Privacy Breach: A privacy breach occurs when PHI is lost, stolen or subject to unauthorized access, or when policies aimed at protecting privacy are violated.
Under PHIPA privacy Law, you must protect PHI.
You confirm that you are authorized to access the personal health information (PHI) in accordance with your clinical and/or administrative duties as defined by PHIPA regulations.
You understand that you may be subject to disciplinary and/or legal actions as applicable for unauthorized access to PHI.
You cannot share your Alembico username and/or password with anyone and you must take reasonable measures for its protection.
You agree on MED49’s end user agreement
Log into the system only with your own credentials.
Never let others use your credentials.
If you are leaving, log out of your account.
Ensure unauthorized people cannot see your display screen.
Don’t take pictures or screenshots of the display.
Print only if the system has a Print button, and then print only what you need.
If you must download PHI, download only what you need, and only to a secure location using a password-protected file or encrypted device.
Don’t try to access restricted or blocked content intentionally.
Only send information through secure and trusted email or Secure File Transfer Protocol (SFTP).
MED49 is responsible to maintain and store all EMR data, the majority of client data is anonymous during the system maintenance and operation.
MED49 as a vendor will not use, market, process or transfer any data without clients’ consent.
By obtaining client’s consent, Alembico support personnel may access clinic data directly or indirectly in response to client’s support request.
MED49 will perform investigation from audit system for any concerns of privacy breach.