Products
Concerto
Physician Portal for Physicians
Physician Portal for HIT Professionals
Physician Portal for Organizations
Physician Portal: RHIO
Patient Privacy Manager
User Messaging & Notifications
Oracle HTB
Demonstration
Case Studies
Technical Details
cWorkflow Modules
Rhapsody
Symphonia

Patient Privacy Manager

The Concerto Physician Portal has comprehensive security features to support health organizations in preventing unauthorized access to confidential patient data. They also ensure healthcare organizations comply with relevant privacy and security regulations, including HIPAA.

Secure access through a Single Sign-On
Each Concerto Physician Portal user has a unique user name. Authentication information for each user is encrypted and stored securely.

 

Access to data based on role and location
Concerto Physician Portal users are only granted access to information and applications if they have the correct security clearance. Individual Concerto Physician Portal users are assigned to configurable user groups that determine their level of access to different information systems.
Access can be restricted depending on a user's physical location within the enterprise, and restrictions can also be imposed on individual documents.

 

Recording and enforcing patient consent
Some jurisdictions legally require healthcare organizations to obtain specific consent from patients for the use of certain types of personal health data. Concerto Physician Portal provides electronic tools for hospital staff to record consent and patient preferences, which can then be automatically enforced.

 

Inactivity time-out
After a pre-defined period of inactivity within Concerto Physician Portal, a user will be automatically logged out. This reduces the chance that patient could be inadvertently viewed by unauthorized parties. Time-out periods can be adjusted to reflect the security risks of different departments and different physical environments within an enterprise.

 

Full audit log
All user activity within Concerto Physician Portal is recorded in a permanent audit log. Sign-ons, sign-outs, applications used, security overrides, patients viewed and documents viewed are all recorded. Concerto Physician Portal stores audit data in a separate audit database.

 

"Opening the privacy seal"
In emergency situations or with specific patient permission, a physician may need to override normal security conditions. Concerto Physician Portal provides a function that will allow physicians to view data normally restricted to them, by "opening the privacy seal". Physicians must enter a reason for the override. All security overrides are recorded in an audit log, and the information remains secure to those who have not opened the seal.