Here at NeuroFlow, patient privacy isn’t just a reaction to the data breaches in the headlines. From the security features in our products to the processes our teams follow each day, patient privacy has been part of our company’s DNA since the very beginning
Why is Patient Privacy So Important to Us?
NeuroFlow’s focus on patient privacy all starts with the relationship that matters most to our users: the bond between patients and providers. That’s why we never stop working to earn the trust of the providers we support in their care delivery and the patients who aim to manage, improve, and maintain their behavioral health in their daily lives.
A recent Forrester report of over two hundred IT managers in healthcare revealed that their number-one concern in the event of a privacy data breach is “Damage to patient trust,” ranking above both the ramifications of regulatory fines and damage to the reputation of the organization. We agree with this concern, which is why we take a holistic approach to data protection and patient privacy, both in our products and at the office, in the following ways:
Conducting Frequent Risk Assessments
NeuroFlow offers high-touch patient engagement, which means patients are continuously interacting with our application to take care of their mental health through exercises and activities at home, at the office, and on-the-go. To ensure the information they share is always secure, we conduct comprehensive 154-point risk assessments two times each year, along with regular penetration tests by multiple experts.
Practicing HIPAA Compliance as a Product and as People
No matter which department they belong to, everyone at NeuroFlow attends training sessions on patient privacy in their first week and beyond. We follow rigorous internal processes and procedures to maintain HIPAA compliance in our work as individuals. Furthermore, NeuroFlow does not sell patient data, nor do we allow any advertising on our platform.
“Patient trust in the security of our application is paramount to honesty, engagement, and retention. We can never sacrifice privacy as it is the foundation of the culture of respect we champion every day” – NeuroFlow COO & co-founder Adam Pardes
Encrypting Patient Data and Requiring Multi-Factor Authentication
At other technology companies, many people have access to user data. At NeuroFlow, we take patient privacy so seriously that our technical leadership can’t even access patient data. Although this requires team members to take extra steps when resolving simple issues, we feel these steps are justified because we can be honest when we say that patients are our #1 priority.
Investing in Top-Tier Technology for Maximum Security
NeuroFlow’s entire technology platform is hosted on secure FedRAMP-compliant Amazon Web Services (AWS) infrastructure. In this post, Amazon breaks down their additional AWS features to ensure data security and protect against data breaches to the databases they host. Having turned on these features, along with many others, you can be sure we use SSL/TLS protocols for all communications in transit and all ePHI data is encrypted at rest. Moreover, we require MFA (multi factor authentication) for data access and implement extremely strict controls for team access to databases containing ePHI.
Incorporating Patient Privacy into the Way We Innovate Our Products
In just the first half of 2019, an incredible 32 million patient records were breached from a number of healthcare databases; nearly double the 18 million records that were exposed in all of 2018. As hackers become more sophisticated it is the duty of healthcare companies like ours to continuously invest in patient protection measures regarding data.
Adam Pardes, our Chief Operations Officer, notes how we take care to integrate security and patient privacy into everything we do, from product development to customer service. “Patient trust in the security of our application is paramount to honesty, engagement, and retention. We can never sacrifice privacy as it is the foundation of the culture of respect we champion every day in our work here at NeuroFlow.”