We take the security of yours and your patient’s information seriously.
Last Updated November 21st, 2019
MCI acts as a trusted confidential application service provider dedicated to providing a secure Internet and mobile service.
MCI employs a high degree of security consciousness. The environment at MCI currently encompasses the commercially reasonable level of security as well as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) security tenets that of the proposed regulations. The overall priorities of MCI as an organization are to use commercially reasonable efforts to ensure security and be fully compliant with all HIPAA regulations, proposed and finalized. Access, integrity, availability, ownership, authorization, dependability, authentication, and confidentiality are all major considerations within the MCI Security Policy.
MCI upholds its stringent Security Policy with the following security measures:
Role-Based Usage: MCI grants varying degrees of access to users with different levels of authority within a provider practice.
Encryption: All communication between you and the MCI server is secured by using SSL AES 128-bit or better encryption.
Data Security: MCI takes all reasonable measures to secure your data on our servers, but also rely on advertised security imposed by our world-class and well-regarded partners that operate said data centers. Amongst other measures, the data centers we user are both physically and electronically secured and our servers are isolated from the Internet by using a firewall which is a hardware and software system that blocks access by unauthorized parties.
Confidentiality: MCI has internal policies that keep your data private and confidential.
Aggregated Data: Certain information and/or personal information may be disclosed to third-parties in connection with and as necessitated by our normal provision of Services. Additionally, information and/or personal information may be anonymized, aggregated, and used for various business and commercial purposes, but in no event in a matter that is linked to any personally identifiable information, or to profile any individual with first attaining your written consent.
Login ID and Password: Access to your account is controlled by a login ID and a password, which you chose. Strict login ID and password rules virtually eliminate the unauthorized user from gaining access. We do NOT store a plain text version of your password. Your password is stored using a one-way hash key and verified using the same one-way hash every time you login, which means no one at MCI knows what password you have chosen. If you ever forget your password, we force you to choose a new one using an email verification check.
Auto-Logoff: MCI protects you against accidentally leaving your personal information active on a computer browser screen. The MCI service ends your “session” if you are logged in to MCI but have not actively used the service for a set period of time. This prevents others from accessing your account when you leave a session and forget to log out.
Digital Certificates: MCI uses a digital certificate issued by a reputable third party Internet Service Provider located in Canada. This gives you the confidence that you are connected to a site operated by MCI, and authenticated as such.
Sensitive Information: MCI handles all your health information with respect to its confidentiality and privacy. Agree to allow MCI to store your data at multiple storage sites and with reputable third parties provided they adhere to industry standard levels of privacy and security.
Data Integrity: MCI employs the latest products and technology to ensure data is always available and access to the site continues without interruption.
Firewall: We take all reasonable measures to secure your data on our servers, in our data center or in data centers owned and/or operated reputable third parties. Our data center is both physically and electronically secured. Our servers are protected behind the Internet by using a firewall which system that blocks access by unauthorized parties.
What can I do to protect my Privacy?
In order to protect your privacy while using the MCI service, you can:
- Never share you sign in name or password.
- Always sign out when you are finished using the service.
- Choose a strong password that consists of upper and lower case letters and numbers.
- Install and maintain anti-virus software and a firewall on all computers that you use to access the MCI service.
- Promptly install all security and software updates for our iPad/iPhone apps and for your browser.