SECURITY AND ACCESS

The Credible EHR is a web-based application housed on secure, managed servers residing at a commercial data center.  128-bit encryption and two-factor authentication assure it is secure and HIPAA compliant.  Because the EHR can be accessed from any computer that has Internet access, staff are required to maintain the security of the Protected Health Information stored in the EHR.  This means, logging off from terminals, not sharing user id’s and passwords and never downloading an individual’s data to computers that are not property of PCS. 

All access to the EHR is electronically recorded and all activity is logged.  Only System Administrators have access to these logs.  All requests for access to the security logs must be approved by the Information Technology Director. 

The use of laptops and portable media are permitted as long as they are securely encrypted with PCS approved encryption software.