Release 2
Health Espresso is a healthcare organization that has developed a cutting-edge application to provide a secure communication platform for healthcare professionals to access real-time patient information. The organization is led by CEO Rick Menassa, and is focused on creating a platform that is trustworthy, private, and secure in order to protect personal health information (PHI) and personal information (PI).
By combining trust, privacy, and security, Health Espresso is able to create a platform that is secure and trustworthy for healthcare professionals to use. This is especially important when it comes to handling sensitive information such as patient vitals, medication lists, and adherence data, as these types of data require a high level of protection in order to maintain patient confidentiality.
This report has been created to describe how the Health Espresso Agreement Framework meets the requirements for substantiating the protection of personal health information (PHI) and personal information (PI) in the context of OTN Virtual Visits. The report discusses the various safeguards that are in place to ensure that PHI and PI are protected in compliance with applicable legislation, and how these safeguards work together to ensure the confidentiality and security of this sensitive information.
The report also describes how Health Espresso, as a solution provider, and its data processing/business partners are responsible for ensuring the protection of PHI and PI. This could include a discussion of the measures that are in place to secure data transmissions and storage, as well as any policies or procedures that are in place to prevent unauthorized access or disclosure of PHI and PI.
Overall, this report is intended to provide information on the measures that are in place to protect the confidentiality and security of PHI and PI in the context of OTN Virtual Visits, and to demonstrate that these measures are in compliance with applicable legislation.
Health Espresso has a clear support structure and guidelines in place to ensure that both clinic users and patients are adequately supported. For clinic users, this may include technical support for any issues they encounter while using the clinic's systems, as well as guidance on how to use the various tools and resources available to them. It may also include support for managing patient appointments and scheduling, as well as handling any administrative tasks.
For patients, the support structure and guidelines may include information on how to access virtual visits and other services offered by the clinic, as well as guidance on how to use these services effectively. It may also include information on how to contact the clinic with any questions or concerns, and how to get help with any issues that may arise during their virtual visit.
In the event of a virtual visit interruption, Health Espresso can send a mass email to all affected users through a dedicated support email address. This can be done to notify users of the issue and to provide information on when the virtual visit will be available again. The mass email may also include any relevant updates or instructions for users during the interruption. It allows us to communicate with users in a timely manner to minimize any disruption to their virtual visit experience.
It is important for a healthcare organization to clearly communicate its privacy policies to patients before they sign up for registration. Health Espresso does this by providing access to privacy information on both the mobile app and the web app. This allows patients to review and understand the organization's policies on how their personal and medical information will be collected, used, and shared before they agree to register.
Having the privacy information readily available before registration helps ensure that patients are fully informed and can make an informed decision about whether to register with the organization. It also helps to establish trust between the organization and the patient, as the patient can see that the organization is transparent about its privacy practices and is committed to protecting their personal and medical information.
The privacy policy document (Health Espresso - One Patient, One Record, One Care Plan) that has been linked outlines the rules and procedures that govern the handling of personal health information (PHI) and personal information (PI) within the organization. These rules cover a range of topics, including the collection, use, disclosure, retention, accuracy, security, and disposal of PHI and PI. The privacy policy also includes information on breach management and information security.
The purpose of this policy is to describe requirements for preventing and addressing computer viruses, worms, spyware, malware, and other types of malicious software.
Authorized users will be assigned a user ID that in combination with other identifiers (e.g. passwords, facility or location identifiers) can uniquely identify the user.
The purpose of the Password Management Policy is to provide guidance to the leadership, employees and contractors of Health Espresso on matters concerning the management of passwords. It includes rules such as the following:
Health Espresso will enable audit logging functionality in all Health Espresso applications and operating systems.
Health Espresso will define audit reports to be generated by Health Espresso applications and operating systems based on the risk of unauthorized collection, use and disclosure of PHI, or risk to the confidentiality, integrity and availability of Health Espresso system assets.
The purpose of this Data Classification Policy is to provide guidance to the leadership, employees and contractors of Health Espresso on matters concerning the classification of data assets. The policy establishes a framework for classifying data based on its level of sensitivity, value and criticality to Health Espresso and its customers.
The purpose of this policy is to establish a corporate standard for using encryption technology to safeguard sensitive information in transit or at rest.
Confidential and restricted data, as defined in the Health Espresso Data Classification Policy, must be encrypted using strong encryption. This includes:
Any data transmitted to or from the software is protected using transport layer security (TLS). Health Espresso has phased out support for TLSv1 and TLSv1.1 and only supports TLSv1.2.
For AWS Simple Storage Service (S3) and AWS Relational Database Service (RDS), server-side encryption with AWS KMS keys (SSE-KMS) is enabled, using the AES-256-GCM symmetric key algorithm. For mobile applications, encryption is enabled on the mobile device along with data obfuscation.
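The TLS policy stated above (TLSv1 and TLSv1.1 phased out, TLSv1.2 required) is the kind of setting that drifts in listener configurations, so an added example follows. It is not Health Espresso's own code: it audits nginx-style `ssl_protocols` directives against that floor and builds a stdlib client context enforcing the same minimum for the application's own outbound connections; the configuration text is constructed for illustration.

```python
"""Audit of a TLS version policy (floor TLSv1.2) over nginx-style
'ssl_protocols' directives, plus a client context enforcing the same floor."""
import re
import ssl

POLICY_FLOOR = "TLSv1.2"
# Versions the policy forbids; SSLv2/SSLv3 sit below the floor as well.
BELOW_FLOOR = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
ALLOWED = {"TLSv1.2", "TLSv1.3"}  # assumption: 1.3 counts as at/above the floor

_DIRECTIVE = re.compile(r"^\s*ssl_protocols\s+([^;]+);", re.MULTILINE)


def audit_ssl_protocols(config_text: str) -> list[str]:
    """Return one finding per non-compliant directive; an empty list means the
    configuration honours the policy. Commented-out lines do not match."""
    findings = []
    for match in _DIRECTIVE.finditer(config_text):
        enabled = match.group(1).split()
        weak = sorted(v for v in enabled if v in BELOW_FLOOR)
        if weak:
            findings.append(f"enables {', '.join(weak)} (policy floor is {POLICY_FLOOR})")
        if not any(v in ALLOWED for v in enabled):
            findings.append("enables no version at or above " + POLICY_FLOOR)
    return findings


def policy_client_context() -> ssl.SSLContext:
    """Client-side context for the application's own outbound TLS connections,
    refusing any handshake below TLSv1.2 (no legacy OP_NO_* flags needed)."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


# Constructed samples: the legacy setting beside the one matching the policy.
LEGACY_CONFIG = """
server {
    listen 443 ssl;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
"""
POLICY_CONFIG = LEGACY_CONFIG.replace("TLSv1 TLSv1.1 TLSv1.2", "TLSv1.2")

if __name__ == "__main__":
    print("legacy:", audit_ssl_protocols(LEGACY_CONFIG))  # one finding
    print("policy:", audit_ssl_protocols(POLICY_CONFIG))  # []
```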
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection. All AWS customers benefit from the automatic protections of AWS Shield Standard. AWS Shield Standard defends against most common, frequently occurring network and transport layer DDoS attacks that target your web site or applications.
AWS WAF is a web application firewall that helps protect web applications and APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF gives control over how traffic reaches applications by enabling creation of security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific defined traffic patterns. The Managed Rules for WAF address issues like the OWASP Top 10 security risks. These rules are regularly updated as new issues emerge. AWS WAF includes a full-featured API that can be used to automate the creation, deployment, and maintenance of security rules.
All uploaded data is kept in AWS Elastic Block Storage (EBS) encrypted volumes in Data Centers geographically located within Canada. Amazon EBS volumes are designed to be highly available, reliable, and durable. EBS volumes are designed to protect against failures by securely replicating within the Availability Zone (AZ).
The Health Espresso solution uses separate databases for the development/testing and production environments. Health Espresso uses the Amazon Relational Database Service (RDS) for PostgreSQL for both the development/testing and production databases.
Health Espresso's customer agreement with AWS identifies data privacy as an extension of its technical safeguards. One aspect of this is the choice of region for data residency. Selecting the Canadian region ensures Health Espresso's clients can trust in our privacy operations and compliance obligations.
In this context, AWS will not access or use content except as necessary to maintain its service offerings or to comply with applicable law. Further, AWS will not disclose content to a third party or government and will not move data out of the selected region. An exception applies where AWS must investigate fraud, abuse, or agreement violations.
Because Health Espresso uses cloud infrastructure, the data it stores is protected by the physical safeguards of AWS data centers. These include:
Health Espresso had a Privacy Impact Assessment (PIA) completed for its organization by a certified third party.
Health Espresso had a Threat and Risk Assessment (TRA) completed for its organization by a certified third party.
We have had our Vulnerability Scanning Attestation completed by a certified third party.
We have had penetration testing completed by a certified third party.
We have had security and privacy control verification completed by a certified third party.
To enhance the functionality of the Health Espresso platform, certain Terms of Service (ToS) agreements have been entered into through the use of third-party APIs. Such functionality includes Bluetooth management, geolocation data collection, and video/audio streaming.
Under Apple's developer ToS, information channeled into HealthKit does not leave the user's device and is encrypted. Additionally, Apple does not have access to the local data. HealthKit temporarily caches the data and saves it to the encrypted store.
As developers, we are required by the ToS to present a privacy notice (which is in place) to our clients on the use of HealthKit data. Further, Health Espresso may not sell the information gained from the API to brokers, use it for advertising, or disclose it to a third party without permission from the user.
Google requires developers to abide by an API ToS. Clients/end users provide personally identifiable information (PII), including such elements as search terms, IP addresses, and latitude/longitude coordinates. Google's notification requirement calls for Health Espresso to notify users of this data exchange via a privacy notice (again in place), and the user can revoke consent at any time.
Agora is a software company that creates a "Real Time" engagement platform for embedding video- and voice-capable APIs in customer applications. Health Espresso is using Agora's developer API kits to enhance the medical clinic/client relationship.
The Agora developer kit provides security features that Health Espresso can take advantage of: APIs that allow identity and access management for private sessions, a third-party data encryption option for developers, and geofencing, which lets customers select regions to meet related regulations.
In accordance with the Agora ToS, Health Espresso uses Agora as a transmission bridge: no data is stored or recorded by Agora. To enable the service, Agora does collect the IP address. All PHI and PI is collected by Health Espresso as defined in Health Espresso's Privacy Notice.
Health Espresso has established a retention schedule for PHI consistent with the legal obligations of Health Espresso customers under applicable privacy and data protection legislation, and documented in Health Espresso service-level or licensing agreements.
Health Espresso has established retention schedules for backup copies of PHI databases created for disaster recovery and business continuity purposes, audit logs that contain PHI and copies of data created for other authorized purposes, based on an assessment of business requirements.
Health Espresso will ensure that any software or utilities (e.g., encryption programs) required to read or copy archived or backed-up PHI are available for the entire period in which the PHI is retained.
If data is stored in an encrypted format, Health Espresso will ensure that encryption programs, algorithms and keys required to decrypt production and archived data are available during the entire retention period and retained in a secure environment.
Health Espresso patients would be promptly informed if their data ever travelled outside Canada, although that should never occur. We have built our systems to access only reliable Canadian servers, with failover servers located in Canada as well. This ensures that data never leaves the country and is always stored securely.
Health Espresso uses Agora for video capabilities. Agora has published a compliance page on their website which provides information about their compliance with various laws, regulations, and standards. This page can be accessed at the following link: https://www.agora.io/en/compliance/
We have outlined our data protection policy within the “2.3.6 Reasonable Safeguards for data” section of this document.