The purpose of Information Governance is to ensure that the confidentiality of patient information and compliance with information governance are built into the design of the 3DnetMedical service provided to healthcare professionals. Information governance and security underpin 3DnetMedical and, as an organisation, Biotronics3D strives to achieve excellence in the services we provide.
Information Governance is an umbrella term for the following key components central to their existing arrangements, in summary:
The existing arrangements for Information Governance within Biotronics3D are:
Biotronics3D achieves the Information Governance Agenda by:
Biotronics3D operates under ISO 13485:2003 (quality management system), audited by BSi and an external auditor annually. Biotronics3D complies with ISO 62304 (medical software development) and incorporates ISO 14971 (risk analysis) into product developments.
All Biotronics3D products and operations conform to industry standards including CE Annex II of directive 93/42/EEC, DICOM, HL7 and IHE.
3DnetMedical aims to deliver a fast, secure and reliable way to share information between disparate locations. Usually, healthcare providers can extend the imaging network’s resources by adding a VPN, connecting consultants from remote locations to the imaging network securely and reliably.
Today faster and more reliable services are available at lower costs than VPN – technologies that use standard internet communications ports without sacrificing performance and security. The 3Dnet Gateway transmits case data to a regional data centre so that information is available to users securely through any internet browser.
Our public cloud service is collocated in dedicated spaces at top-tier data centers. These facilities provide carrier-level support, including:
This section of the document sets out the top level commitment by Biotronics3D that covers the sharing of personal information via the 3DnetMedical platform and Biotronics3D’s adherence to the principles, standards and directions defined within it. 3DnetMedical aims to facilitate a consistent, reliable approach to sharing of accurate information in a timely manner that will benefit stakeholders and their services whilst protecting the privacy of the persons the information is about. Biotronics3D will constantly review internally as industry principles and underlying technologies continue to evolve, when there is a change in governing legislation, or at the request of any organisation using the document if there is a concern over the document’s fitness for purpose.
3DnetMedical makes use of industry leading technologies to make sensitive data easily accessible to authenticated users for diagnostic review whilst removing all dependence on software and hardware. Biotronics3D sees this as a key enabler for the provision of effective services, particularly where a co-ordinated approach across a distributed network is required to make decisions in a timely manner. The 3DnetMedical service, Biotronics3D and their select data centre partners are focussed on managing information sharing services to the highest industry standards and on maintaining a secure environment in which to review sensitive patient information. By constant revision and development of systems, operations and policies, we strive to address the evolving privacy concerns of all stakeholders while limiting any potential loss of data or confidentiality breach.
Biotronics3D has taken a number of measures to ensure the protection of sensitive patient information, ensuring all information acquisition and releases are securely controlled:
Biotronics3D provides a trusted and independently authenticated service, and maintaining patient confidentiality is a fundamental principle of Biotronics3D. We comply with the highest industry standards and are internationally accredited. Biotronics3D also takes further steps to avoid disclosure (when confidential information about a person/body is released, either directly or indirectly, in breach of public trust or legal obligations) through the novel mechanisms encompassed by the 3DnetMedical service.
As a data controller, 3DnetMedical will accept and display DICOM images that are sent to it from a particular site and make them available to relevant physicians. It will also accept HL7 messages and other information associated with a particular case. The level of detail presented to the user is entirely up to the hospital. Various permissions can be set at a user level in order to manage what a specific user accesses.
Biotronics3D and its data centre partners are both compliant with ISO27000 and ensure robust, up-to-date security arrangements are in place. The 3Dnet Gateway ensures that data is encrypted to the highest industry standards during collection and transit. Data stored in the cloud is also encrypted at rest. Typically a new case is cached for 30 days, although shorter terms can also be defined and long-term archiving is an available service. Timely access to this information is critical to authenticated users, and Biotronics3D balances this with high levels of security to ensure prompt diagnosis. At no point does data move out of the cloud, and no residual data remains with the client following disconnection.
While Biotronics3D has taken the necessary steps to ensure the highest levels of security and full compliance with industry standards for data residing with Biotronics3D at its data centre partners, the responsibility for login details lies with the user, as set out in the Terms & Conditions.
Data that is moved out of the secure environment provided by Biotronics3D explicitly by the user (to PACS for example) is no longer the responsibility of Biotronics3D, which cannot be held accountable for it (as set out in the company liability insurance that covers Biotronics3D from such risks and requirements). It remains the user's responsibility to ensure that use of the 3DnetMedical service complies with local clinical governance policy.
Key principle - inclusion of any data that might identify an individual must be justified and agreed as both necessary and proportionate to achieve the purpose(s).
Biotronics3D regularly monitors the usage and user statistics of 3DnetMedical. The data does not in any way identify individuals or include patient-identifiable information; it consists only of collated usage information (number of users per organisation, number of cases per month, breakdown of cases by modality, etc.).
3DnetMedical shares personal/sensitive individual information in a fair and lawful way, sharing only necessary data. The legal basis for sharing is set out in the Data Protection Act (1998), common law duty of confidentiality and the Human Rights Act (1998). Lawful sharing usually requires consent from the individual, unless there is a legal power to share information where sharing without consent can be justified by a robust public interest, or in the vital interests of an individual. Vital interests are related to conditions in the Data Protection Act (1998) and are recognised practice in the common law of confidentiality. In addition sharing must be ‘fair’ by ensuring the subject is aware of what is being shared and for what purpose. Schedule 3 of the Data Protection Act, “Conditions relevant for purposes processing of sensitive personal data”, section 8, “the processing is necessary for medical purposes by a person who in the circumstances owes a duty of confidentiality which is equivalent to that which would arise if that person were a health professional”, justifies the disclosure of patient information to the privy physician, facilitated by the 3DnetMedical platform.
| Overall purpose(s): | Initial justification (DPA based) | Initial level of identity |
| --- | --- | --- |
| Delivering routine care and treatment across agencies | Consent of the individual. Between healthcare providers this can be implicit | Identifiable data generally required |
| Delivering care and treatment across agencies where the failure to do so effectively carries significant risk of avoidable substantial harm to individual(s). | If gaining consent would delay or put individuals at increased risk, can be shared on the basis of ‘vital interests’ of the individual(s). | Identifiable data generally required |
| Monitoring and improving 3DnetMedical services | Based on legitimate management of healthcare services, Biotronics3D actively monitors its systems and operations to ensure uptime and service levels are maintained. | Identifiable data generally required |
Biotronics3D has endeavoured to address the responsibilities set out to assure compliance to the stringent framework and principles.
3DnetMedical allows the creation of a virtual site that is essentially an extension of the Trust. Unlike VPN or CITRIX clients, 3DnetMedical delivers images in full diagnostic quality, reducing the chance of missed ROIs. The data transfer mechanism is as secure, if not more so, and is delivered by establishing an encrypted SFTP connection between your Trust and the virtual site. Data is encrypted at rest. When being viewed, data is encrypted with the highest Verisign levels available. Upon viewing, no data is downloaded to the client – the data is never moved out of the data centre. If the connection is severed, no data remains with the client. These mechanisms allow the physician to connect with sensitive patient information to which they are privy in a secure, timely manner, aiding accurate, timely decision making.
Biotronics3D is simply an enabler and data controller, and staff have limited access to identifiable patient information. Those that do will only access this level with explicit consent. No patient identifiable information other than the DICOM header information is shared. However, each Trust can set the level of individual user access to patient-identifiable information for each of its virtual sites, and it is up to the Trust to define a level that reflects its internal policies.
Biotronics3D only manages the minimum required patient information provided by DICOM header data. No data is collected / held with Biotronics3D. DICOM data is read by the system through automated rules defined by the user: 1) to automate the workflow in accordance with user needs – e.g. a user may set up hanging protocol rules to display case types in a specific way, for instance “for all MR” + “display series 1 on left” + “display series 2 on right”; and 2) so that patient information is returned to the Trust after being read and/or reported, and is properly archived.
All user accounts are individually authenticated before their account details are registered and associated to a particular virtual site. Users will only have access to the site they are associated with. Virtual sites can represent an individual user, or organisation. In addition, user permission can be set individually as recommended by the Trust (Stop Access, Can Upload, Can Download, Can Delete, Transfer Study, View Patient Info). An admin can thereby set individual user permissions as to whether or not they are able to view patient information, in line with the Trust’s policies.
3DnetMedical acts as a secure broker of the information, enabling diagnosis by connecting sensitive patient information with the clinical skill in a timely, secure manner. We have taken every precaution to protect patient privacy. We will follow the organisation objectives and provide an administrative account for each Trust to view (and amend) user permissions as appropriate.
| Caldicott Principle | Biotronics3D Adherence |
| --- | --- |
| Organisations must actively inform individuals of how their information may be used and to whom it may be disclosed by provision of literature and through contact with staff. It must highlight their rights to access, withhold and correct information and provide details of the process for individuals to access their records. | Biotronics3D acts as the data processor with no identifiable patient information accessed by the company. Biotronics3D, through 3DnetMedical, aims to provide a method of connecting the clinical professional with meaningful patient information pertinent to them. 3DnetMedical acts as a short term repository of images for reading and reporting, hence the rights to access, withhold and correct information lie with the user of the system. |
| Organisations must complete and maintain a Data Protection notification detailing all sources, subjects, purposes and disclosures relevant to their business and partnerships under any agreement. | Biotronics3D audits all user actions and data movements in the 3DnetMedical system, and can provide these records to hospital staff. |
| Organisations must maintain the accuracy and clarity of data they supply to aid usefulness and consistent interpretation. Where necessary, partner organisations will be informed of any changes to the data they have received and also notify the source of any error they discover. | All data entering the 3DnetMedical database is maintained to the highest levels of accuracy. Biotronics3D endeavours to provide an environment where the information is delivered in a useful, consistent and clear manner that is quickly interpretable. |
| Organisations must ensure that collection and sharing of information is necessary and proportionate to the purpose(s), and neither excessive nor inadequate. | As a data controller, 3DnetMedical will accept and display DICOM images that are sent to it from a particular site and make them available to relevant physicians. It will also accept HL7 messages and other information associated with a particular case. The level of detail presented to the user is therefore entirely up to the hospital. Various permissions can be set at a user level in order to manage what a specific user accesses. |
| Organisations must maintain the confidentiality of data in any form, during collection, transmission and storing with appropriate security arrangements, improving to general compliance with ISO27000. | Biotronics3D and its data centre partners are both compliant with ISO27000 and ensure robust, up-to-date security arrangements are in place. The 3Dnet Gateway ensures that data is encrypted to the highest industry standards during collection and transit. Data stored in the cloud is also encrypted at rest. |
| Organisations will apply relevant regulations to the retention & disposal of records, only keeping information for as long as is necessary in relation to the original purpose(s) for which it was collected. | 3DnetMedical typically acts as a short-term repository for diagnostic cases and will purge a study after 30 days of being imported (longer term archiving is available). Each specific imaging department can easily define the length of time a case may stay in the cloud, down to 24 hours. |
| Organisations will ensure all staff are educated to manage information appropriately in line with these principles and organisational policy on the collection and uses of information, supported by terms of employment. Information should only be accessed and shared where there is a ‘need to know’, justified either by consent or another legal basis for sharing the information. | The 3DnetMedical system is completely self contained and Biotronics3D staff will not access information from any site unless explicitly asked to do so, or if a problem arises and such information is required to find a solution. In the latter case, only Biotronics3D engineers who have consent and are educated to manage the information properly will do so. |
| Organisations will ensure that any 3rd parties providing a service to them agree and abide by these principles by inclusion in contracts/agreements. | Biotronics3D seeks out trusted data centre partners to host the 3DnetMedical solution. Biotronics3D has stringent processing in place to ensure that any 3rd party service providers are compliant with the necessary laws and accredited. |
| Organisations will have processes/systems for recording wishes/restrictions on information expressed by individuals. | 3DnetMedical has a unique user interface which allows the user sharing information to restrict what details are seen by another party. Because the information is static and the system manages access to cases, rather than sending cases to the client, this can be done very well and very securely. |
Biotronics3D is registered as a data controller by the Information Commissioner. Biotronics3D abides by the principles which govern the care and use made of personal data. Biotronics3D registration can be found using registration number z2816970.
Biotronics3D security systems are FDA Approved and support the IHE ATNA profile for secure exchange of healthcare information and auditing of events. Systems comply with UK DoH and HIPAA standards and HITECH Act security and privacy requirements. Biotronics3D works with carefully selected data centre partners accredited to provide system, operational and physical security of data. In addition, their data centre partners provide skilled 24x7x365 technical support, service level monitoring and practice at the highest level of security, environmental control, power and cooling with identification access, physical guarding, integrated digital surveillance & CCTV, intruder detection with perimeter fencing, fire detection and suppression systems to LFCDA approval, UPS and backup generators at all sites. They are accredited with the following ISO Standards:
ISO 27001 is the internationally recognised security standard that comprehensively defines the requirements for establishing, implementing and documenting an effective information security management system. ISO 17799 is now established as the de facto standard for information security. Along with the BS7799 information security management standard, the ISO 17799 and accompanying series’ will fall under the banner of ISO 27001.
ISO 9001 provides a set of standardised requirements for a quality management system. Although certification is not a compulsory requirement of the standard, it provides a tried and tested framework for taking a systematic approach to managing organisational processes to consistently meet customer expectations.
3DnetMedical.com has privacy and security-conscious policies that apply to all of our information handling practices.
Biotronics3D's comprehensive privacy and security program includes communicating with personnel and customers about current issues and best practices.
Biotronics3D strongly encourages all of our customers and users to adopt industry-standard solutions to secure and protect their authentication credentials, networks, servers, and computers from security attacks.
The 3DnetMedical.com service is highly scalable and redundant, allowing for fluctuation in demand and expansion of users while greatly reducing the threat of long-term outages. Load-balanced networks, pools of application servers, and clustered databases are features of our design.
All customer data is stored in secure data centers and is replicated over secure links to a disaster recovery data center. This design provides the ability to rapidly restore the salesforce.com service in the case of a catastrophic loss.