YOUR DATA IS IN SAFE HANDS
From the beginning, 4myHealth was developed with the highest security and data protection standards in mind. 4myHealth has been GDPR compliant since day one!
LEGAL COMPLIANCE AND DATA PROTECTION
When 4myHealth started developing a web-based patient management system in 2013, we entered new legal territory. Together with data protection experts from the renowned law firm BLS4LAW, the legal requirements were examined and a concept was developed to create the most modern doctor-patient administration solution to date. Therefore, 4myHealth meets all legal and data protection requirements.
HOSTING YOUR DATA
A professional doctor-patient administration solution needs a professional hosting partner. We have chosen the leading Austrian IT specialist Anexia, whose mission has always been to provide the best physical security, IT security, encryption, and confidentiality. 4myHealth runs in an ISO 9001 and ISO 27001 certified data center, which is regularly checked by internal and external audits.
From the very first second, the transmission of your data is encrypted. On the web server itself, the data is encrypted with a cryptographic key and stored in an area separate from the 4myHealth web application. Therefore, both the access to and the storage of your data follow extremely strict standards. Since we are always working on our application and adding new features, we are constantly enhancing the necessary security. At the beginning of 2018, we implemented two-factor authentication, which can be used to access 4myHealth from outside your practice.
ACCESS TO DATA
Access to your account and data takes place via two-factor authentication. In addition to the username and password, a temporary PIN, which you will receive by SMS or e-mail, must also be entered. This ensures that your data is protected by a second layer of security.
The hosting provider stores your data in a computer center on a virtual server. Access to the physical server at ANEXIA can only be granted by authorized persons and is secured by biometric security.
Your data is continuously backed up on another storage medium. Therefore, manual data backups are no longer necessary and cannot be performed within the web application. This restriction has been implemented to prevent data theft and increase data security. The data center treats data backup as an essential function, like a production system. The continual backup of your data to a geographically different location further contributes to the security of your data.
The General Data Protection Regulation (GDPR), which came into effect in May 2018, has been implemented within the framework of 4myHealth since the very beginning. In addition to the encrypted transmission and storage of data, all activities are also logged. These activity logs provide an overview of who retrieved or changed data such as patient data, consultation data, documents, etc., ensuring the identification of the person responsible in accordance with the GDPR.
CONTRIBUTE TO DATA PROTECTION
The protection of data always depends on the secure handling of each individual's logins and passwords. We therefore recommend that you use strong and unusual passwords and change them regularly. It is also important to keep the operating system on your computer up to date and to activate your lock screen. 4myHealth automatically deactivates a user if he or she is not active for some time. In addition, user access is blocked for a certain period of time in the event of repeated incorrect password entries. This protects against external hacker attacks using automated login attempts.