Security and privacy safeguards

Personal Information Protection

Nightingale is a software provider for the healthcare community, and a supplier of browser-based solutions for primary care and specialty ambulatory clinics in Canada. Nightingale’s application, Nightingale on Demand (also known as myNightingale), is built on a web-based, open architecture Application Service Provider (ASP) platform. The application provides end users with the ability to record and manage office and clinical procedures including patient appointments, provincial and private invoicing, clinical encounter documentation, prescription writing, lab & DI requisitioning, referrals and electronic lab and DI results reporting.

In providing this service, Nightingale is considered an agent to a Health Information Custodian (HIC) and the information within the realm of Nightingale with respect to the application is considered personal health information under the terms of the Personal Health Information Protection Act (PHIPA), S.O. 2004 and Health Information Act (HIA).

Nightingale has implemented safeguards to protect the confidentiality of personal health information that is collected through its application pursuant to applicable Provincial and Federal Regulations.

Nightingale Safeguards

The Nightingale application includes tools that enable healthcare providers to safeguard health information. Nightingale has also developed company wide Security and Privacy policies that ensure the safeguarding of Personal Information through physical, administrative and technological measures. These safeguards include:

Conducting regular threat risk assessments and vulnerability tests
Enforcing strict username and password policies
Implementing strict access controls to patient information
Regular monitoring of potential and actual security breaches
Strict hardware and software management and monitoring procedures
Enforcing staff and contractor compliance with Company security and privacy policies