The Brazilian General Law on Protection of Personal Data (LGPD), Law No. 13,709, of August 14, 2018, provides for the processing of personal data, including in digital media, by a natural person or a legal person under public or private law, intending to protect the fundamental rights of freedom and privacy and the free development of the personality of the natural person.

The LGPD had already been discussed in Brazil since 2010, and the subject of data protection gained prominence when in 2016, Cambridge Analytica used data from users of the social network Facebook, to carry out a personalized and more precise political campaign in the election of Donald Trump.

Due to the large number of data generated constantly, several countries such as Japan, the United States, Argentina, and members of the European Union ended up creating specific laws that regulate data protection.

The LGPD is very similar to the GDPR (General Data Protection Regulation), a law that regulates the data protection of all countries that belong to the European Union. The LGPD demands that companies and public agencies change the way they collect, store and use people's data. In the area of health, the impact can be great for those who do not comply with the Law.

About LGPD

According to Art. 2 of the LGPD, some of the fundamentals of the discipline of the protection of personal data are regarded for privacy and the inviolability of intimacy, honor, and image. The Law aims to protect three types of data:

  • Personal data - information related to an identified or identifiable natural person. In other words, it is general information related to the person's life, such as an address, date of the birth, profession, etc.
  • Sensitive personal data - personal data about racial or ethnic origin, religious belief, political opinion, union membership or organization of a religious, philosophical, or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person. In other words, it is information that presents a more personal and private character about the user's intimate life.
  • Anonymized data - data related to the holder that cannot be identified, considering the use of reasonable and available technical means at the time of its treatment. These data, in turn, are used only in very specific cases.

The structured set of these personal data is called a database, with the patient being the holder of this personal data. It can be established in one or several locations, either electronically or physically. This means that not only software must comply with the Law: clinics that still have medical records on paper should be careful so that this data does not fall into the wrong hands.

Clinics that do not conform to the standards imposed by the LGPD, will be subject to the punishment that can be from a warning, with an indication of the deadline for adopting corrective measures, up to the payment of fines. These fines may be simple, up to 2% of the clinic's revenue, but they can reach the limit of up to R$ 50,000,000.00 (fifty million reais) per infraction, or in some more serious cases, the clinic may have its suspended activities.

What are the main problems related to security and privacy in clinics, offices, hospitals, and healthcare environments?

Both for those who use the medical record on paper and for those who already use management software, some problems involve the privacy and security of patient data. The first that we can mention is the fact that secretaries, administrators, and professionals outside the health team have access to medical records, which is an illegal practice.

Health professionals can ask the secretary for some patient information before starting care, but when it comes to sensitive personal data (as information about your health, which can be found in your medical record), it becomes an illegal practice. In cases where the paper is still used, even if the secretary only transports the patient's medical record from one room to another, it is already illegal, due to the simple fact of having a document in hand that should only be handled by the patient. healthcare professional.

Another common activity is the fact that the secretary uses the health professional's stamp and even signs on his behalf when he is not at the clinic or is busy with another patient. This can occur in documents such as certificates, declarations of attendance, and even in prescriptions of medications, which is prohibited.

Still concerning the secretaries, another point that has been seen a lot is the indication of medicines via telephone made by them. It is important to remember that only a qualified professional can prescribe medication and only he will know which is the best option for the patient.

Regarding the use of software, there is a problem connected to user login: in some cases, only a password is used for several people to access the system. Some technology companies charge their fees based on the number of registered users, and for that reason, in clinics and hospitals, it is customary for the same password to be used by more than 10 nurses, for example.

With the Ninsaúde software, Apolo, the customer can register as many users and health professionals as he wishes, avoiding this type of problem. However, it is important to know that he can still act erroneously, on his own.

What steps should be taken?

For risks to be minimized and to avoid penalties, one of the first steps to be taken is to abandon the paper medical records. By law, conventional medical records must be kept for at least twenty years, counting from the date of the last record of patient care.

However, one of the paper's biggest problems is that it may change over time, making documents unreadable or even causing their total loss, as in cases of floods, fires, or cyclones. The conservation of paper documents involves three premises: preservation, protection, and maintenance, and to keep them intact it is necessary to protect them from the action of five types of agents that can damage them, namely:

  • Physical agents: luminosity, temperature, and humidity are agents that can easily damage your records made on paper. Light is one of the most aggravating factors in the process of degradation of bibliographic materials, while the temperature can deteriorate the document even if the conservation conditions are good, as well as the excess moisture, which can easily damage it.
  • Chemical agents: the acidity of paper, when found at high levels, can shorten its life span, and even more when combined with factors such as high temperatures and a wide variation in the relative humidity of the air. Air pollution is also a major cause of the chemical degradation of paper. It is important to know that ink, one of the most important compounds in the documentation, can also change over time.
  • Biological agents: insects, fungi, and rodents can cause serious damage to paper charts. Most fungi produce pigments that stain the paper, while the main insects that cause damage are borers and woodworms, moths, termites, and cockroaches.
  • Environmental agents: poor ventilation together with dust causes the appearance of biological agents on graphic materials, which can result in their damage.
  • Human agents: in addition to the fact that such documents may fall into the hands of unauthorized persons, their improper handling, such as having dirty hands or eating while consulting them, fat and sweat on their hands, are some of the factors of deterioration.

Access control

Although all these records are in the possession of the health professional at their place of care (clinic, office, hospital, etc.), such document belongs to the patient, and the establishment must provide it whenever necessary, as it is guaranteed by law that any citizen has the right to access all data about him.

Therefore, the sharing of the medical record or copies of it can only be provided with the patient's authorization, so the medical software in which such information will be stored must contain strict access control.

The first access control that software must have is through passwords. Each person who uses the software must have access controlled through a password per user. In the Ninsaúde Apolo software, in addition to a password and username, it is necessary for the individual to fill in the "account" field, regards the establishment's registration with Ninsaúde, which considerably increases data security. You can learn more about it in our article where we talked about the importance of well-crafted passwords.

After enabling the access of these users through passwords, in Ninsaúde Apolo it is also possible that the software administrator limits the screens that certain users will use. This action not only prevents an unauthorized user from viewing financial information about the clinic, for example, and also prevents access to patient data, which is restricted to healthcare professionals only. This screen restriction can be done through groups of users.

In the case of health professionals, in some cases such as bariatric surgery for example (which is a type of medical procedure that needs to be monitored by a multidisciplinary health team), each professional will contribute in some way to the preparation and recovery of the patient, so everyone involved must share medical information about the patient.

The software can enable the creation of groups of professionals, where only professionals who are in that group will be able to access the information of the patient in question, as long as the same has authorized it.

Data encryption

Data encryption is a process that seeks to eliminate the chances of third parties gaining access to data. The encryption of static and mobile data is of paramount importance and difficult to implement, for this reason, it has already been considered a major technological challenge for some companies and remains for others.

Regarding the use of software, data encryption can be present in several stages: information storage, internal communication, communication between the application and the data server, user login, and online payments.

In cloud software (such as Ninsaúde Apolo), when the URL of the web page starts with "HTTPS", it indicates that your data will be encrypted and transferred using a secure protocol.  There is also the presence of a lock icon, usually in the left corner of the browser, which indicates that your information remains private when sent to that site.

At Ninsaúde Apolo the data is automatically encrypted before being written to the disk. Each encryption key is encrypted with a set of master keys. Key and encryption policies are managed in the same way, in the same Keystore, as Google's production services. In the same sense, there is also encryption in motion. Moving data is encrypted with a 2048-bit SSL certificate that changes your keys every three months.

Another detail is that we work with end-to-end security and Grade A quality encryption, that protects data in transit from major internet vulnerabilities. Besides, Ninsaúde Apolo uses more than 30 data centers spread across South America, North America, Europe, Asia, and the Pacific, and with this distribution, we absorb distributed attacks. Finally, our infrastructure is certified for compliance with various standards and controls, in addition to undergoing independent third-party audits to test data protection, privacy and security.

Now that you know how to protect your patients' data with Ninsaúde Apolo, your clinic can also be more secure. If you are not yet a user of the software, contact us through the Apolo.app website and learn more.