Data Security refers to the PROCESSES and PRECAUTIONS taken by us, which are designed to ensure that the data collected from your practice and stored under our control, and the reports distributed by us about your practice CAN ONLY BE ACCESSED by persons explicitly authorised to do so.
The data that leaves your practice never includes any personal information elements that can identify patients i.e. the data is de-identified within your firewalls before being packaged and delivered to us.
PraxMax Clinic allows you to re-identify patients for your internal use. PraxMax Clinic links to your clinical database; and, reads a reference specific to each patient (that was originally sent with the data) that re-identifies the patient within your firewalls only.
We do not collect practitioner identities unless you have given consent for us to do so. In those circumstances, we only do so for the purpose of reporting back to you for your own internal use.
Prior to the data leaving your practice, it is encrypted using a 256bit industry standard encryption algorithm and can only be de-crypted once we receive it.
The data is transferred over the internet using the secure communication protocol https so that the messages are effectively encrypted twice.
The data we collect from you is stored in our privately secured Microsoft Azure Cloud, with all the applicable protections afforded by Microsoft. The data services we use from Microsoft have been certified to ISO 27001 information security management standard.
Access to our development and production environments by our staff are via 2 factor authentication using a Microsoft secure active directory, in addition to using role-based security to ensure only select authorised personnel can access the information.
We follow documented user access procedures to configure our systems so that only authorised users (within your practice) can access the reports we generate for you.