.li < color: black; >
Security

Staying Secure: Why it Matters to Maternal Health

July 28, 2020

On July 22nd, 2020 Treehouse Medical's CEO and CTO joined with MedStack to provide a look at what compliance, privacy and security meant for the future of digital health in the maternal space.

Want to view the full webinar? Visit our Treehouse Medical Youtube Page and watch the full webinar today. Check out the link here. https://www.youtube.com/watch?v=SfxTRGvdKr4&t=407s


MedStack is an out-of-the-box HIPAA compliance solution for digital health startups. They empower innovators to easily build compliant applications from the start and meet the requirements of today’s healthcare enterprise systems.


Maternal health providers like midwives, doulas and lactation consultants all provide expert medical and non-medical care. They are part of many expectant mothers and families care journeys from conception to the postpartum days and first year. Because they provide expert care they also have a responsibility to provide expert care of their data.


The reason for a discussion about protection and understanding security is because health information data is considered the most sensitive data in the world.


FACT:

“A patient health record is worth 35x the value of a credit card on the black market.”

- Balaji Gopalan, CEO/MedStack


What is Protected Health Information (PHI)

  • Name
  • Location
  • Contact Information
  • Medical and Insurance Identifiers
  • Electronic Addresses
  • Biometric identifiers
  • Identifying images
  • Any other identifying property


Even if the individual simply interacts with someone in the healthcare sphere, this information is considered protected and as a result the provider should be taking measures to ensure they are meeting the highest standards.


The notion of privacy is integral to the overall health industry. Furthermore, the notion of the birth of a child is a very personal time moment in any one’s life.


As a provider and or individual who is receiving care, we have a commitment to track:

i) who has access;

ii) when can they access;  

ii) how is that access established;

iv) how are they given access;

v) how they revoke access;

vi) how is it protected; and

vii) what do you do when there is a breach.

Whether this interaction is with a  hospital, lab, clinic, insurance company this is critical to ensuring the highest level of protection.


Regulations in Canada

Balaji reiterated throughout our discussion that we have a responsibility to adhere to the regulations but that the public expects this of us as well given the prevalence of social media. This responsibility applies to whether you are a provider or receive the services of a provider.


In Canada, PIPEDA (The Personal Information and Protection and Electronic Documents Act) governs consent, collection, protection practices of private organizations and provides special call-outs for health data. Healthcare in Canada is provincial and although each province and territory is responsible for its own legislation, the reality is that much of the time the regulations across provinces and territories align and have similar expectations.


Treehouse Medical’s Security Infrastructure

Treehouse Medical features a tri-level security model.


Layer 1.

Client-side security

  • End to end encryption
  • At rest encryption
  • Application sandboxing
  • Automatic updating


Layer 2.

Server-side security

  • Disk encryption
  • Transit encryption and key management
  • Firewalls
  • Intrusion detection system
  • Encryption backups
  • Patches
  • Minimal metadata collection


Layer 3.

Data-center physical security

  • Perimeter
  • Entrance
  • Traversal
  • Datacenter


The highest level of compliance is one of Treehouse Medical’s foundational pillars.

Using tools that provide good care drives trust, better innovation, and better data analysis which in turn provides superior care and patient/client outcomes for the future.


Our commitment is focused on supporting mothers, families and care providers in a space that is often overlooked and underserved from a health software and management perspective. The maternal health industry will need to adapt rapidly to the growing demands of digital care and management. As such, Treehouse Medical intends on leading the way in connecting providers across Canada and globally in delivering premium and superior innovative tools.


Treehouse Medical is Canada’s first maternal health care management platform for doulas, lactation consultants, and midwives. The only two-way management platform where providers can securely communicate with their care team and their clients along with managing their care journey.


Want to learn more today? Book a conversation today.