As you would expect, Precedence pays a great deal of attention to privacy and security. Provision of secure access to health care information is a key part of what Inca does. This is backed up by a security plan that covers a range of goals and controls aimed at managing security incidents including breaches or potential breaches. Should you have any questions, please contact the Precedence Health Care Privacy Officer on (03) 9023 0800.
Technical details: All data is managed securely with encryption and access controls for all users. Strict security protocols take into account network infrastructure, backup and disaster recovery, physical security procedures, system controls, contractual oversight of outsourced internet hosting, management of other assets, staff management and maintenance of an open process for reporting incidents.
The contracted facilities management services provide:
- A physically secure environment (a certified ISO 27001:2013 information security) with controlled access in a “sensitive data facility”.
- An Uninterruptible Power Supply, air-conditioning and fire-suppression system.
- Communication between Precedence Health Care and the hosting service using a Secure Shell (SSH) connection with key based authentication and a certificate based VPN tunnel.
The sensitive data facility includes:
- Allocation to a dedicated secure (firewalled) router and network.
- Allocation to rack space in a secure rack.
- Allocation to sensitive data back-up facility (ie. tape and management system).
- Utilisation of human resources and QA procedures from a sensitive data subgroup of the hosting service.
In addition to the above, hourly backups are made on a separately hosted secure server in a separate location.
Apart from standard secure connections for portal and web services access, Inca does not have any special or unusual configuration requirements for opening of firewalls or gateways on end-user machines.
Inca is closely monitored by the development team for a range of potential threats, exploits and abuses relating to uploaded data.
Related Articles
Privacy and Security
What protections are in place to ensure information security? Precedence uses industry best practice for data connectivity, secure record storage, security audits, disaster recovery, staff training and support. The MediTracker network uses SSL/TLS ...
How does Inca collect and share health information?
Precedence Health Care’s Integrated Care Platform (Inca) is a cloud- based network of digital health and wellness services, including MediTracker mobile application services. It is important that all users of Inca services understand how the network ...
How to Upload your Care Plan to Inca
1. Open the patient in your practice software. You will receive a pop-up notification if you are opening the patient record for the first time that day. The ‘Status’ section will display your action as “Upload Care Plan" Click the ‘Upload Care Plan’ ...
Isn’t this shared information in Inca risky?
There are risks with using a shared database, just as there are risks with using a fax, electronic mail, or paper based records. Inca is designed to maintain a full audit trail of all entry of and access to information and, providing that the ...
GPMP/TCA Review: For patients without an existing Inca care plan
This page will display the GPMP/TCA review workflow for a patient with no existing Inca care plan. Both the GP and Nurse workflows are identical. If the care plan is approved by the nurse, the GP must still log in to Inca to electronically sign the ...