MEDICAL RECORD SECURITY SYSTEM

The platform complies with the requirements relating to the security of personal data, including encryption and two-factor authentication

Two further factors must be added for the use of the Medical Record

For patients, access occurs with 5 security levels. Jhon Doe

  • 1)

    Username

  • 2)

    Password

  • 3)

    Selection of Professional or Registered Structure

  • 4)

    Professional Authorization or Registered Structure

  • 5)

    Access by the professional or healthcare facility to the medical record is regulated by a PIN (Personal Identification Number) which is issued only after the profession or facility manager has been certified and documented by the Pharmamedic administration.

Jhon Doe

Family members or other operators who are ALWAYS registered with Pharmamedic and who CAN ONLY VIEW THE MEDICAL RECORD

ONLY DOCTORS IN POSSESSION OF THE PIN CAN EDITING THE CLINICAL RECORD

Doctors who want to add their patients must ask them for authorization which occurs FROM THE TERMINAL and only on the page for managing medical records in the reserved area.

PATIENTS AND THEIR AUTHORIZED FAMILY MEMBERS CANNOT EDITING THE CLINICAL RECORD but they can upload files or reports of instrumental or laboratory tests.

Jhon Doe

Pharmamedic has no relationship with patients to administer the medical records since it does not control any database of the same and never has access to them. As well as for instrumental or laboratory test reports or any file.

In the authorization phase of access to the medical record, the user must previously authorize and give consent to the professional and/or the Healthcare Director and legal representative of the structure selected in accordance with European Regulation 2016/679

And to the substitute doctors, from the network or group association, the CFSMG trainee doctors, as well as any collaborators authorized by him.

And to the substitute doctors, from the network or group association, the CFSMG trainee doctors, as well as any collaborators authorized by him.

I authorize the data controller and the persons authorized to process, according to the respective competences, to deliver the health documentation to the delegated persons and indicated below:

This is for the purposes of:

  • 1.

    In addition to personal and demographic data, collect data on health conditions

  • 2.

    Being able to process information with electronic tools for purposes related to prevention, diagnosis, treatment and rehabilitation activities to protect health.

  • 3.

    Have the possibility to process personal data for scientific purposes (scientific research and/or controlled clinical trials of medicines), in the context of teleassistance or telemedicine, to provide other goods and services via an electronic communications network;

Jhon Doe
Jhon Doe
  • 4.

    The receipt of stolen goods and the sickness certificates, in compliance with the provisions of the law, will be sent electronically to the various subjects identified by the legislator, subjects who become the owners of the security of their systems;

  • 5.

    The possibility that this information is available for consultation by doctors appointed to replace the secretary in the event of absence for the updating and maintenance of the visit diary, as well as by doctors in association in a network or in a group and by trainee doctors of the training course Specific Training in General Medicine (CFSMG);

  • 6.

    Have the possibility that the personal data can be communicated to the Accounting Consultant for the registration of the tax documentation.

  • 7.

    Have the possibility that such information may be provided anonymously to third parties to carry out epidemiological research and statistical analyses; this information may be reprocessed, in an aggregate and anonymous form and therefore without any reference to individuals.

  • 8.

    Have the possibility that the data can be viewed by the personnel responsible for the assistance and maintenance of the IT systems.

  • 9.

    Be able, if it is necessary to provide a benefit and/or service in the patient's interest, to be communicated to:

    • Public health bodies (local health authorities, hospitals, etc.);

    • Private healthcare organizations (clinics, analysis laboratories, etc.) or those practicing healthcare professions (specialist doctors, pharmacists, ADI staff, etc.);

    • Assistance and social security bodies (Inps, Inail, etc.); limited to those data and operations indispensable to pursue the purposes referred to in paragraph 1).

Jhon Doe
  • 10.

    Being able to have the possibility that the IT data will be processed by third parties for the synchronization of the same from/to a single Data Center, also with the CLOUD COMPUTING system, to make it possible to exchange the file with medical colleagues on the network or in group, during the outpatient visit.

  • 11.

    Be able to manage measures to ensure the confidentiality of information.

FaLang translation system by Faboba