Security and protection of private life
Several measures and mechanisms are in place to assure a high degree of availability, integrity, confidentiality, and security of the health information that is kept by the Québec Health Record (QHR), as much from a technological standpoint as from an organisational standpoint.
Secure access procedure
To connect to the QHR, authorized people who have access rights must follow strict procedures. In fact, they must:
- use a specially configured workstation to connect to the QHR;
- authenticate their identity in the system with an access device and a personal password;
- regularly authenticate their identity, as the system disconnects automatically after a short period of inactivity.
The health information is recorded under a unique identification number. Only the Régie de l'assurance maladie du Québec (RAMQ) is able to associate the NIU with a person in particular. Finally, the data kept by the QHR is separated into several secure banks.
Information about your identity is not kept in the same data banks as the health information concerning you. It's only when an authorized person consults the QHR that the information which they have the right to access is brought together in a secure manner on their screen.
Strength of the systems
The computer systems used for the QHR are strong systems. They conform to proven security norms, which are determined by internationally-recognized standardization organisations. Before being put into operation, these systems undergo many types of testing. They are even subjected to computer piracy tests that are done by independent specialized enterprises.
Information loss prevention
As for all important computer systems, back-up measures are there in case of a technical failure. These measures are there to protect the information and guarantee access to the QHR at all times.