
How to Secure Personal Health Information in Patient Portals

Feb 20, 2018 10:31:30 PM


Patient portals can go a long way in bridging the care-delivery gap between patients and providers. This modern technology has a major role in keeping patients informed, involved, and connected with care providers.

According to TechTarget’s 2017 healthIT purchasing intentions survey, 67% of organizations voted for patient portals as one of the promising technologies to boost patient involvement.


Today, patients play a key role in their own treatment. They generate their own health data (through wearables, personal healthcare devices, and mobile apps) and transmit it to clinicians. This, in turn, enables care providers to render coordinated care, thereby reducing cost and improving outcomes.

While patient portals allow fast access to and transfer of such healthcare information, it is important that the details stay private and protected. HIPAA compliance exists to ensure that the sensitive data of patients and businesses is secure when it is saved on mobile devices or transmitted through a client-server model. In the following segment, we take a look at the security features that a patient portal should have in order to be HIPAA compliant.

1. Encrypting and Decrypting PHI: A lot can be done with a patient portal, so there is variety in the information that a patient exchanges through the app. From personal details (for scheduling) to medical records (for consultation), a great deal is shared through online portals. Encrypting the data as it travels from patient to doctor and vice versa minimizes the possibility that an unauthorized party in between can misuse it. It is best practice to encrypt data with 256-bit encryption. If not encryption, then you must use an equivalent solution to meet the regulatory requirement.

2. Role Based Access Control (RBAC): Regulating who can access what on the basis of their roles is important. For example, the administrative staff and the practitioners in a healthcare organization require access to different information. Access can therefore be granted according to the needs of each role.

3. Extensive Login Controls: Passwords are the first line of defense against unauthorized access to a system. Therefore, patient portals should offer the facility to create, change, and safeguard passwords. Make it a point that users have a complex password to access the portal (alphanumeric with special characters, preferably). Further, automate the portal to validate users (occasionally) by asking them security questions. Or make the login system more robust with two-step verification, wherein users receive an OTP to gain access to the portal.

4. Opt-In Agreements: HIPAA ensures that a patient is informed about the whats and whys within an app. Therefore, HIPAA compliant portals should display relevant forms wherever needed to collect a patient’s consent. One of the most common and important consent forms is an opt-in agreement, wherein a patient understands and agrees to the risks associated with insecure communication or with sharing their PHI with a third party.

5. Record Logs for Audit: As per HIPAA’s logging requirement, regulated entities should implement hardware, software, or other procedural mechanisms to record and examine the activity in any information system (mobile devices, computers, email, file sharing applications, printers, routers, etc.) that uses or contains PHI.

The activities that can be recorded include a user logging in, files accessed by a user, addition of a new user, redefining a user’s access level, firewall logs, changes to databases, etc. Logging this information and reviewing it periodically is important to ensure that the entire system is in accordance with the HIPAA rules and regulations.

6. Custom Terms and Conditions: Under HIPAA compliance, patient portals should define the terms and conditions, outlining how the healthcare organization is going to collect, use, and handle personal health information on a day-to-day basis.

ALSO READ: 5 Must Haves in Healthcare Patient Engagement Portals

Secure, integrated, and intuitive patient portals have far-reaching consequences for healthcare stakeholders. To conceptualize the benefits that a patient portal can render to your organization, connect with our health-tech expert via our 30-minute free consultation service.

Topics: Healthcare

Written by Archna Oberoi

Content strategist by profession and blogger by passion, Archna is avid about updating herself with the freshest dose of technology and sharing them with the readers. Stay tuned here as she brings some trending stories from the tech-territory of mobile and web.
