Your TELUS Collaborative Health Record (CHR) incorporates a vast amount of patient data, most of which is considered protected health information. With the advancement of technology, advanced cyber threats have escalated.
TELUS Health manages the security of your CHR and patient data. However, there are numerous privacy and security features that you can implement to prevent unauthorized access to your CHR and keep your patient data safe.
Security
Ensure all users log in to their CHR account with two-factor authentication.
Ensure CHR users use HIPAA-compliant passwords.
Set a password expiry interval or recommend users change their CHR password regularly.
Set how many failed sign-in attempts are allowed before a user is locked out, and the length of time they are locked out.
Allow only specific IP addresses to access your clinic's CHR domain.
Monitor CHR user activities regularly by requesting CHR user activity and access logs.
Monitor activity in a patient chart by reviewing recent patient chart activity.
Privacy
Control access to patient charts through the CHR user permissions settings.
Ensure all users set their account time-out duration after a period of inactivity (extremely important when using a shared workspace). Alternatively, ensure users log out of the CHR or lock their workstation when they leave their computer.
Prevent users from logging into their CHR accounts on multiple devices simultaneously to ensure they don’t leave an unattended workstation logged in.
Enable privacy mode when you share your CHR screen with your patients. Patient names in the scheduler and in the opened patient charts list are blurred.
Send messages to your patients using the patient portal instead of sending information to their email account.
Use Instant Chat or the internal messaging feature to discuss patients with other clinic users instead of sending information to their cell phones or personal email accounts.
When using any of the TELUS CHR apps and products to collect personal health information via Qnaires (such as eBooking, Patient Portal, virtual visits, Intake and Connect), you can add your own customised privacy and consent terms that patients see every time they complete a Qnaire. See Adding privacy and consent terms (disclaimer) to your Qnaires.
Frequently asked privacy and security questions
How is Qnaire data kept safe?
CHR data is fully encrypted at rest and in transit. Data in transit is encrypted using TLS. Encryption at rest is performed with multiple layers of AES.
Updated September 11, 2024