Penfield Psychiatry Security Policy
Last updated: January 15, 2024
Penfield Psychiatry, PC. acts as a trusted confidential application service provider dedicated to providing a secure Internet and mobile service.
Penfield Psychiatry employs a high degree of security consciousness. One of Penfield’s priorities is to make reasonable efforts to ensure data security and be fully compliant with all HIPAA regulations. Access, integrity, availability, ownership, authorization, dependability, authentication, and confidentiality are all major considerations within the Penfield Security Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us.
Penfield upholds its stringent Security Policy with the following security measures:
- Role-Based Usage
Penfield grants varying degrees of access to users with different levels of authority within a provider practice.
- Encryption
All communication between you and the Penfield server is secured by using SSL AES 256-bit encryption. This is the highest level of encryption currently available commercially.
- Data Security
Penfield takes measures to secure your data on our servers, in our data center. Our data center is both physically and electronically secured. Our servers are isolated from the Internet by using a firewall which is a hardware and software system that blocks access by unauthorized parties.
- Confidentiality
Penfield has internal policies that keep your data private and confidential. We will not share your data with any third party except as described in our Privacy Policy. Your data is your data only.
- Login ID and Password
Access to your account is controlled by a login ID and a password, which you chose. Strict login ID and password rules help prevent unauthorized users from gaining access to data. We do NOT store a plain text version of your password. Your password is stored using a one-way hash key and verified using the same one-way hash every time you login, which means no one at Penfield knows what password you have chosen. If you ever forget your password, we force you to choose a new one using an email verification check.
- Auto Log Out
Penfield protects you against accidentally leaving your account active on a computer browser screen. The Penfield service ends your “session” if you are logged into Penfield but have not actively used the service for a set period of time. This prevents others from accessing your account when you leave a session and forget to log out.
- 7. Digital Certificates
Penfield uses a digital certificate issued by DigiCert Inc., a leading Secure Server Certification Authority. This gives you the confidence that you are connected to a site or application operated by Penfield and are authenticated as such.
- Sensitive Information
Penfield handles all your health information with respect to its confidentiality and privacy. We ask that you follow your provider’s policy on communicating sensitive information in their practice.
- Data Integrity
Penfield employs products and technology to help ensure data is available and access to the site continues without interruption.
- Storage and Maintenance of Information
For more information regarding the storage and maintenance of information, please contact Penfield support (info@penfieldpsych.com).
- Firewall
We take reasonable measures to secure your data on our servers, in our data center. Our data center is both physically and electronically secured. Our servers are protected behind the Internet by using a firewall system that blocks access by unauthorized parties.
- What can I do to protect my Privacy?
In order to protect your privacy while using Penfield, you can:
- Never share your sign in name or password.
- Always sign out when you are finished using the service.
- Choose a strong password that consists of upper and lower case letters and numbers.
- Install and maintain anti-virus software and a firewall on all computers that you use to access the Penfield service.
- Promptly install all security and software updates for our iPad/iPhone apps, your web browser, and computer operating systems.