weShare® URO Security and Privacy
weShare URO is deemed a HIPAA, PHI, and PII compliant software suite, built by Symptelligence Medical Informatics LLC, and aimed at improving the healthcare landscape through innovation without exposing covered entities to any risk. weShare URO is intended to meet or exceed HIPAA requirements: not only protecting covered entities from exposing protecting information, but assisting patients in protecting themselves from losing data.
The Symptelligence Medical Informatics weShare Suite Approach to Data Security and Privacy
The entire Symptelligence suite of has been designed to support international operations and provide a secure environment that meets National and International laws and regulations for HIPAA (U.S.) and storage and management of PHI and PII. Through a combination of internal capabilities and strategic partnerships for development and hosting services, the Symptelligence operations is set up to meet or exceed operational requirements for service levels, while meeting production schedules, controlling costs, and managing regulatory risk.
Security on the weShare URO Mobile Application
The weShare URO Mobile application, and applicable to both Android and IOS platforms, provides a secure environment. Patients must use a pass code to access the application. All data on the mobile device is encrypted at rest and in transit using industry best practices for secure applications. Only the mobile user with the designated passcode to the application may enter, access, and view the information. Additionally, PII, and PHI are not transmitted.
Security on the weShare URO Physician (Web) Portal
The weShare URO Physician portal is designed to provide a secure environment. Clinical administrators, clinicians, and physicians must log in with their unique ID to access the system. Only Physicians and their authorized staff can access information on patients within the medical clinics. The Portal application is designed using industry best practices to insure that data is properly protected and managed to meet HIPAA, PHI, and PII requirements. This includes, but not limited to, use of encryption (SSL), login ID and password, multi-level user access, session time-out.
Data Center Operations Security
Symptelligence Production Information and Systems Architecture is deployed in a hybrid cloud environment located at Armor’s Tier 4 security level data center in Phoenix, Az. Armor is a niche hosting services provider that specializes in hosting HIPAA compliance applications and services. Armor services provides Symptelligence with a fully redundant physical configuration and management of the physical configuration and our virtualized infrastructure up to the OS level. Armor services are leveraged for providing the secure architecture, and also for network and support services of the physical and logical (virtualized) infrastructure. Within the Symptelligence product architecture, all data whether at rest, or in transit, is encrypted to meet national and international requirements for privacy and data protection.
Armor compliance information can be found at https://www.armor.com/company/certifications.