We have been following the stories of data lost or stolen this past year with increasing concern about the safety of the internet.
As a result we spent much of the summer hard at work upgrading the level of security at Gateway.
This is important work, although not terribly rewarding.
Some of these changes –
- We no longer rely on just user name and password sign in, all of the data we store now requires two factor authentication for access.
- We are in the midst of implementing email encryption using a service that was highly rated by the New York Times – Virtru. Very soon we will be asking patients who communicate with us to use Virtru encryption. We already require all clinicians to use it when communicating with each other.
- We have set up the highest level of security available to protect contact information that might be available to clinicians using mobile devices.
- We will stop using some services that cannot meet our new standards for data protection (we will, for example, change how we allow patients to schedule appointments online – the new procedure will not be as convenient, but will be more secure).
In all of these moves we have been trying to preserve the sharing of data that is so essential to “integrated treatment” while raising the level of protection for that data.
After all, in twenty years of practice, there has never been a data loss at Gateway, and we know that sharing information has immeasurably improved the quality of our care for our patients, so we can’t just eliminate data sharing.