ONE Mail Direct. Privacy Impact Assessment Summary



Similar documents
Ontario Laboratories Information System Electronic Medical Records Initiative. Privacy Impact Assessment Summary

Privacy Policy on the Responsibilities of Third Party Service Providers

Privacy Incident and Breach Management Policy

Electronic Health Record Privacy Policies

ONE Mail Direct for Desktop Software

Anti-Spam Configuration in Outlook 2003 INDEX. Webmail settings Page 2. Client settings Page 6. Creation date Version 1.2

Personal Health Information Privacy Policy

Health Care Provider Guide

ONE Mail Direct for Mobile Devices

Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR

Information Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services

Microsoft Exchange Server 2007, Upgrade from Exchange 2000/2003 ( /5049/5050) Course KC Days OVERVIEW COURSE OBJECTIVES AUDIENCE

Guideline for Services

Install Guide VirusBlokAda

Updating Your Skills from Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 to Microsoft

User guide Business Internet features

Secure Gateway (EMSG)

EHR Contributor Agreement

Service Schedule for Business Lite powered by Microsoft Office 365

Implementing and Managing Microsoft Exchange Server 2003

IMF Tune Opens Exchange to Any Anti-Spam Filter

Review Guide: Exclaimer Mail Utilities Disclaim, Brand, Sign & Protect

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.

Policy Patrol 7 Upgrade Guide

HGC SUPERHUB HOSTED EXCHANGE / 2007 SMART PANEL USER GUIDE

Panda Security for Exchange Servers

Setting up and controlling

10135A: Configuring, Managing, and Troubleshooting Microsoft Exchange Server 2010

Exchange-based . Types of . Why use Exchange for ?

Managing Junk Mail. About the Junk Mail Filter

Service Schedule for BT Business Lite Web Hosting and Business Lite powered by Microsoft Office 365

Using over FleetBroadband

Objective This howto demonstrates and explains the different mechanisms for fending off unwanted spam .

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2 MOC 10233

LGfL Managed Exchange Staff Service (StaffMail) Service Description

How To Protect From The Internet With Mailmarshal Smt And Mailmper For Exchange

Configuring Notification for Business Glossary

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

RELEASE NOTES Product Version: 7.2 Date: November, 2015

Implementing MDaemon as an Security Gateway to Exchange Server

Core Solutions of Microsoft Exchange Server 2013

Quick Heal Exchange Protection 4.0

Designing, Deploying and Managing a Network Solution for Small- and Medium-sized Businesses Course No. MS Days

GETTING STARTED GUIDE Exclaimer Anti-spam

Oakland County Webmail Anti-Spam Setup

Introduction. How does filtering work? What is the Quarantine? What is an End User Digest?

VPOP3 Your post office Getting Started Guide

Guardian Digital Secure Mail Suite Quick Start Guide

Avira Exchange Security Small Business Edition. Quick Guide

Business Internet service from Bell User Guide

Setting up the Mail Sort Function in Outlook Web App

MS Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

COURSE OUTLINE MOC 20341: CORE SOLUTIONS OF MICROSOFT EXCHANGE SERVER 2013 MODULE 1: DEPLOYING AND MANAGING MICROSOFT EXCHANGE SERVER 2013

How to use the ISS filtering service to remove unwanted messages with Webmail

ehealth Ontario Ontario Lab Data and Your EMR

Enabling Office 365 Services

Resonate Central Dispatch

Installation & Configuration Guide Version 1.0. TekSMTP Version Installation & Configuration Guide

Web. Anti- Spam. Disk. Mail DNS. Server. Backup

Chapter 6: ScanMail emanager

BUILT FOR YOU. Contents. Cloudmore Exchange

Business and Technical Description of Commercial Systems The scope of the technical solution is further described below.

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

Core Solutions of Microsoft Exchange Server 2013 MOC 20341

Welcome to your Pacnet

1 Accessing accounts on the Axxess Mail Server

Configuring MDaemon for Centralized Spam Blocking and Filtering

anomaly, thus reported to our central servers.

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

TEAL: Transparent Archiving Library

70-662: Deploying Microsoft Exchange Server 2010

T E C H N I C A L S A L E S S O L U T I O N

Lesson Plans Configuring Exchange Server 2007

CONFIGURATION AND SETUP USER GUIDE AND REFERENCE MANUAL

Avira Managed Security AMES FAQ.

USING OUTLOOK WEB ACCESS

Troubleshooting IMAP Clients and ViewMail for Outlook in Cisco Unity Connection 8.x

DEFENDER SERVICES

PREMIUM MAIL USER GUIDE

Introduction. Part I Introduction to Exchange Server

ESET Mail Security 4. User Guide. for Microsoft Exchange Server. Microsoft Windows 2000 / 2003 / 2008

Revised 10/13 SUBSCRIBER AGREEMENT. Introduction

Step-by-Step Configuration Instructions

CENTURIC.COM HOSTED MICROSOFT EXCHANGE ADDENDUM TO TERMS OF SERVICE

Transcription:

ONE Mail Direct Privacy Impact Assessment Summary

Copyright Notice Copyright 2010, ehealth Ontario All rights reserved No part of this document may be reproduced in any form, including photocopying or transmission electronically to any computer, without prior written consent of ehealth Ontario. The information contained in this document is proprietary to ehealth Ontario and may not be used or disclosed except as expressly authorized in writing by ehealth Ontario. Trademarks Other product names mentioned in this document may be trademarks or registered trademarks of their respective companies and are hereby acknowledged.

Introduction ehealth Ontario has completed a Privacy Impact Assessment (PIA) on ehealth Ontario s ONE Mail Direct service. The PIA was completed on July 8, 2013, in accordance with Personal Health Information Protection Act (PHIPA) and ehealth Ontario s Personal Health Information Privacy Policy. ONE Mail Direct is governed by PHIPA, Development Corporations Act (DCA), and Freedom of Information Protection of Privacy Act (FIPPA). ehealth Ontario acts as a Health Information Network Provider (HINP) when providing ONE Mail Direct services. ONE Mail Direct is required to comply with requirements for a HINP as noted within PHIPA. The following is a summary of the PIA, including a brief background on ONE Mail Direct, key findings and ehealth Ontario s progress in implementing the identified recommendations. Background ONE Mail Direct is an email service developed by ehealth Ontario for the secure transmission of personal information (PI) and/or personal health information (PHI) between participating health care professionals. ONE Mail Direct allows health care providers and organizations to share information more reliably, quickly and securely helping them improve care by enabling them to spend more time with patients. ONE Mail Direct permits users to access email via four different routes. All access methods involve connecting to ONE Mail Direct servers which reside in ehealth Ontario state-of-the-art data centres. Simple Mail Transfer Protocol Internet Message Access Protocol ; Remote Procedure Call over Hyper Text Transfer Protocol Secured ; Outlook Web Access; and HTTPs through Outlook Web Access. ONE Mail Direct includes anti-virus and anti-spam protection. An anti-virus service consists of a software program designed to identify and remove a known or potential computer virus. An anti-spam service consists of a software routine that deletes incoming span or diverts it to a junk mailbox. Spam filters are built into a user s email program and updated on a regular basis as they are published by the vendor. Spam filtering can be configured to trap messages, based on a variety of criteria, including sender s email address, specific words in the subject or message body, or by the type of attachment that accompanies the message. Summary of Privacy Impact Assessment The PIA determined that ehealth Ontario is acting as a HINP when providing ONE Mail Direct Services. ONE Mail Direct is governed by PHIPA, DCA, and FIPPA. ehealth Ontario complies with PHIPA, DCA and FIPPA requirements. The PIA recommends several measures to ensure that the data received and utilized by ehealth Ontario, for the purposes of the ONE Mail Direct complies with PHIPA as well as ehealth Ontario policies, procedures and privacy best practices.

Summary of the Implementation Plan for the Privacy Impact Assessment Recommendations The PIA provides a number of recommendations to mitigate risks identified in the PIA. These risks can broadly be classified as enhancements to ONE Mail Direct policy, procedures, and guidelines. Below is a summary of the recommendations: Amend the ONE Mail Direct service module to include ehealth Ontario s obligations in the event of a privacy incident/breach. Update the plain language description to include references to ONE Mail Direct mobile service. Update the ONE Mail policy to include roles and responsibilities for clients when accessing ONE Mail on a mobile device. In addition, guidelines on the secure use of mobile devices must be provided to clients. Update appropriate schedules in the ONE Mail Direct module to: o Include a description of ONE Mail Direct mobile service. o Update the plain language description to include information on ONE Mail Direct mobile service. Create and provide guidelines on the secure use of ONE Mail Direct mobile to users. Guidelines should be posted on the ONE Mail Direct web page. ehealth Ontario is currently in the process of implementing each of the recommendations identified in the ONE Mail Direct PIA.

Glossary HIC DCA FIPPA HCP HINP IMAP4 LRA OWA PHI Health Information Custodian Development Corporations Act Freedom of Information Protection of Privacy Act Health Care Provider Health Information Network Provider Internet Message Access Protocol Local Registration Agent Outlook Web Access Personal Health Information PHIPA Personal Health Information Protection Act, 2004 PI PIA RPC/HTTPs SMTP Personal Information Privacy Impact Assessment Remote Procedure Call over Hyper Text Transfer Protocol Secured Simple Mail Transfer Protocol Contact Information Please contact the ehealth Ontario privacy office should you have any questions about the ONE Mail Direct PIA Summary: ehealth Ontario Privacy office 777 Bay Street, Suite 701 Toronto Ontario M5B 2E7 Tel: (416) 946-4767 privacy@ehealthontario.on.ca

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information