Patient app (UpPatient) security features
Updated over a week ago

The TELUS CHR UpPatient app has a number of security features built in to keep your patient's information safe.

Email verification

  • When users register on the app, the email they register with is confirmed to ensure the patient is who they say they are.

Login / Logout

  • Biometric authentication: After patients register and log in to UpPatient, they have the option to enable biometric authentication (fingerprint or facial recognition) to log in to the app going forward.

  • UpPatient automatically logs users out after a short period of inactivity and requires a password, fingerprint, or facial recognition scan to log back in.

Secure data storage

  • Because the patient data is saved on a server, and not on the device, there is no encryption required. The only data saved on the device is the session token.

  • Data stored on a server is encrypted ("encrypted at rest") and sensitive data (PHI) has an additional layer of encryption.

  • In the event that a non-authorized third party attempts to access sensitive data or files, they cannot view or interpret the data.

Data transmission

  • Data transmitted between the app and the servers is over https, which is itself encrypted for increased security. Thus, network providers can't read or intercept these communications.

Explicit device permissions are required for the following when opening the downloaded app for the first time:

  • Camera: Mandatory for virtual video consults

  • Microphone: Mandatory for virtual consults that are initiated as audio only

  • Push notifications: Required for notifying the app user when their provider attempts to initiate a virtual consult or if a provider sends them a message.

Updated October 31, 2022

Did this answer your question?