Pen CS recognises that clinical data security and privacy is critical to health services, providers, practice staff and patients. At all times Pen CS developed eHealth software reflects this understanding so that you can not only be assured that our products will enhance the provision of health services to your clients but will also uphold the high levels of clinical data security and privacy demanded by all stakeholders.
The Purpose of the Pen CS Clinical Data Policy is to:
•Clearly state the position of Pen CS with respect to the security, privacy and sharing of clinical data; and
•clearly state how this position is translated into the development of our eHealth products.
The “Pen CS Position” on Clinical Data
Pen CS is specifically disinterested in patient data and has no interest in viewing or storing patient data. Pen CS’ interest is specifically in the development and commercial sale of eHealth solutions that allow clinicians to better manage their patient populations for the achievement of best practice, improved patient outcomes and delivering business benefits to the clinical settings that use Pen CS eHealth solutions.
Pen CS does have an interest in developing leading-edge eHealth tools that facilitate the greater sharing of de-identified clinical information for the delivery of population health outcomes, however, Pen CS’ interest is specifically in developing the commercial tools to manage this. Under no circumstances will Pen CS be the custodians of clinical data and believes that such responsibilities are reserved for authorised and appropriate agencies with clinical data governance structures in place; and only with the appropriate consent of providers and their patients. NO DATA CAN BE SHARED WITHOUT USER CONSENT.
Pen CS may from time-to-time utilise clinical data for the express purpose of development and/or quality assurance (QA) testing of software products or to provide necessary product support. Pen CS can only gain access to data where appropriate consent is given. Only Pen CS staff and contractors shall have access to data for the purpose of development, QA and/or support. All efforts are made to de-identify data for the purpose of development, QA and/or support, data for this purpose is stored in high-security systems and all data used for this purpose is destroyed once development, QA and/or support is complete.
Pen CS Access to Clinical Data
Pen CS DOES NOT have access to clinical data through our eHealth software products. Pen CS products are developed so that all clinical data is stored on the local system (server or desktop). Pen CS deploys and updates a number of products via internet download and licenses products against a Pen CS held “licensing server”. When Pen CS products such as Pen CS CAT4™ and PrimaryCareSidebar™ (and associated licensed panels) are launched with an active internet connection, the product will:
•Verify the currency of the license of the user against the “licensing server”; and
•Check for new software updates as they become available.
These features ensure that the user experience is maximised at all times and DO NOT provide access to the user system or clinical data.