How ChartMedic handles patient privacy

It goes without saying that patient health information security is paramount.  Patients share intimate health concerns with their providers regularly; numerous codes of ethics such as the Hippocratic Oath and the Geneva Conventions state unequivocally that patients should be able to seek treatment without fear or mistrust that confidentiality might be breached.

As a result, everyone in health care organizations takes data security extraordinarily seriously. Despite this, health care information technology infrastructure represents an inviting target for cyber crime. The US Department of Health and Human Services (which maintains a list of health data breaches here) reported more than 450 confidentiality breaches attributable to information system break-ins in 2020. According to a recent report from cloud security company Bitglass, over 20 million individuals' records were affected in 2020, costing healthcare organizations more than $400 per patient record!

The magnitude of this problem has only been growing, year-by-year. According to the US Department of Health and Human Services list, there have been 399 data breaches in the first three quarters of 2021 alone.

From the beginning, ChartMedic was designed with an eye towards this.  The guiding principle is that since ChartMedic does not need to know a patient's identifying information to improve care, it does not collect any of that information.  During the course of a patient interview, the following are collected:
1. clinic / hospital and department in which encounter takes place
2. health-care provider (if known at time of interview start)
3. appointment time and date (if known)
4. year patient was born

(The 1996 Health Insurance Portability and Accountability Act aka "HIPAA" considers the year of birth to identify a patient if it is 90 years prior; in that circumstance, ChartMedic assigns a category of "before year 19xx" for the birth year. Additionally, even though the health information has been de-identified in accordance with HIPAA, ChartMedic has executed HIPAA business associate agreements, or "BAAs", with its cloud storage providers).

Upon interview completion, the information is encrypted and securely transmitted to a server. A pair of images are assigned to the interview, stored along with it, and are shown to the patient on the ChartMedic app.

These identifiers ("Bear" and "Automobile" in the screenshot taken from an Android device above) can be recorded by staff on a piece of paper, transmitted to the provider with a messaging app, or placed in the electronic medical record to associate the interview with the patient. In a clinic setting with scheduled appointments, the images would rarely be needed. In an urgent care / emergency setting where neither appointments nor providers are known at the time the patient presents, they are crucial.

Finally, the interviews are not stored in perpetuity by ChartMedic. Following submission, they remain accessible to clinic staff for five days and are removed from the system within five weeks.

To summarize, ChartMedic's approach can be summarized by de-identification of patient health information prior to transmission and storage by ChartMedic to minimize data breach threats to customers. The guiding philosophy incorporates the concept of "need to know" basis and recognizes the primacy of the electronic medical record as a single and best location for storage of patient information.  ChartMedic minds its business so you can conduct yours without additional worry.