Maintaining medical confidentiality is a right that the patient has, provided for by law. The medical record, an instrument used by health professionals, used to document data collected during the consultation, despite having the establishment where the consultation took place, it is a document belonging to the patient.
The data entered in the medical record must be in a safe place, as the Brazilian Medical Code of Ethics says that: "the doctor is forbidden to allow the handling and knowledge of the medical records by people not obliged to professional secrecy, when under their responsibility", which means that in addition to taking care of accidents (fires, humidity, etc.) there is also a need to keep this document out of the reach of unauthorized persons. You can find out more details on the subject in our article on how medical confidentiality works in the relationship with the patient.
If you are still adept at physical records (on paper sheets), the first suggestion we give is that you replace these with medical software, because then, when using an electronic medical record, you and your team will have many more advantages, as well as greater security. You can even check out our article here on the blog, where we commented on 5 advantages of migrating to electronic medical records.
If you are in doubt about which electronic medical record to use, we will now introduce you to Ninsaúde Apolo, and next, we will comment on how this software can help maintain medical confidentiality in your clinic or office.
Ninsaúde Apolo is a cloud software, that is, no installations on computers or tablets are needed to use it, and the cloud platform services always encrypt the stored content without any action from the client, using one or more mechanisms of cryptography. These same policies and management are adopted by Google and Gmail.
We use AES-256 encryption with symmetric keys that are also encrypted with a master key stored in a keystore. Also, the master key is changed regularly.
Ninsaúde Apolo uses more than 30 data centers spread throughout South America, North America, Europe, Asia, and the Pacific, and with this distribution, we absorb distributed attacks.
We work with end-to-end security and Grade A quality encryption, which protects data in transit from major internet vulnerabilities.
Compliance and certifications
Our infrastructure is certified for compliance with various standards and controls, in addition to undergoing independent third-party audits to test data protection, privacy and security.
The health professional may be penalized for failures in filling out the medical record, as well as for undue changes after the date of care. In this case, when using software, failures by unreadable letters will no longer be a problem.
With Ninsaúde Apolo, the health professional can pause the service for up to 48 hours after starting it, this helps him if he forgot to insert some important information, or when the patient comes in contact during that period reporting any other complaints or additional information, for example. After 48 hours, the medical record ends automatically.
Information restricted to groups of users and professionals
With user groups, the system administrator chooses who will be able to view certain information, whether it is related to patients, clinic finances, among others. It is also possible to include health professionals in groups, where it will be defined whether they will be able to view all medical records or only those of their patients.
By default, only health professionals can view patient histories, however, so that professional 'x' can check the information entered by a professional 'y', it is necessary to have a configuration of sharing the reading of medical records.
This functionality is important in cases where the patient needs to go through several professionals in the clinic, and for a more assertive diagnosis, it is necessary to know what other professionals have already reported about him. In this case, if the patient has authorization, the professionals can create groups so that only the users inserted in them can view these histories.
Now that you know how to protect your patients' data with Ninsaúde Apolo, your clinic can also be more secure. If you are not yet a user of the software, contact us through the Apolo.app website and learn more.