Almost daily another article appears extolling the virtues of mobile apps to improve your health. But what are the risks?
Certainly we have all heard about the Home Depot and Target breaches and loss of customer data. Now hackers are going after health insurance companies like Anthem. There appear to be two different strategies in these hack attacks. Those against stores focus on stealing credit card information. Attacks on health insurance companies focus on information which can be used for identity theft or health care fraud.
At Semafores we take your privacy and the security of your data very seriously. Here are some of the ways Curi™ will help protect your data. First, we will keep your information protected against eavesdropping. Whether you are in a coffee shop or cafe using public Wi-Fi, or using your own data plan, communications between your cell phone or tablet and our servers will be encrypted using SSL technology, the same technology used in HTTPS internet connections. This prevents your data from being read by hackers using sniffers or man-in-the-middle attacks.
Next, information stored on our servers that identifies you as an individual (your name, address, credit card information, phone numbers, etc.) will be strongly encrypted and kept separate from other data. This means any hacker who tries to steal your personal information from us will see only a meaningless garble of numbers.
Information about any medicines you are taking, any appointments you have made, or any journals you are keeping is not encrypted, but it is only associated with your name by means of a specially encoded digital key. Anyone who tries to steal appointment or medical data will have no way to associate that data with any individual. We will keep only a limited amount of this information in our systems and only until all the smartphones in your group (e.g. yours, your spouse’s, etc.) have been synchronized with your most current changes.
These are not just good ideas. These are fashioned from the FDA’s HIPAA regulations for safeguarding private health information (PHI) in electronic data systems. These are the same regulations hospitals and health insurance companies must follow to protect your information. Our data is stored in a HIPAA-compliant cloud hosting service, which means the systems and servers meet the exacting standards of the HIPAA regulations, as do the physical plant security and their personnel. It also means that the system’s performance is constantly monitored so that problems of congestion or failures are automatically compensated for, the latest security patches are promptly integrated, and backups for data are instantly available.
Note that this is all an extra measure of protection because Curi™ is never directly connected to a doctor’s office or insurance company where the HIPAA rules are in full effect. If you choose, you can export your information and journals from your device so you can give them to your doctor or medical professional.
We will provide a safe, secure platform from which you can orchestrate the caregiving for your family. We make good health easier.