🎉 The College of Dental Surgeons of Saskatchewan (CDSS) has partnered with Sowingo!

Health Information Network Provider (HINP) Notice of Accountability

The ability to share and gain access to electronic health information plays a crucial role in allowing health care providers to collaborate and provide exceptional care. Sowingo enables authorized healthcare providers to securely contribute to, store, access, and share their patients’ Personal Health Information (PHI). Operating within the framework of Ontario’s Personal Health Information Protection Act (PHIPA), we function as a Health Information Network Provider (HINP), adhering to regulations to safeguard patient privacy.

In the following sections, we outline our practices for safeguarding PHI within our systems in adherence with PHIPA regulations, reaffirming our commitment to patient privacy and security.

As an HINP, Sowingo hosts the following system:

Sowingo Link
Sowingo Link is a platform designed for dental practitioners to eliminate the communication gap between dentist and specialists. The solution allows practitioners to view and share patient data for the purpose of providing the best possible care to their patients.

 

Directives, Guidelines and Policies

In hosting the above system, Sowingo will:

  • sign an agreement with each participating HIC regarding the services provided and use of PHI
  • notify participating HICs of any privacy breaches detected
  • maintain appropriate logging and continuous monitoring of PHI; available to participating HICs upon request
  • only allow limited access to PHI by trained personnel for the purpose of providing support to participating HICs
  • ensure any third-party service providers are bound to the same safety requirements and standards
  • not alter PHI on behalf of HICs in any way unless the alteration is described in Sowingo’s agreement with the HIC as an authorized use of the PHI, or has been requested in writing by the HIC

In addition to the above commitments, the governance of our systems is further strengthened by the following internal policies, procedures, and standards:

  • Information Security Policy
  • Information Security Roles and Responsibilities
  • Access Control Policy
  • Data Management Policy
  • Risk Management Policy
  • Third-Party Management Policy
  • Cryptography Policy
  • Secure Development Policy
  • Business Continuity and Disaster Recovery Plan
  • Incident Response Plan
  • Breach Notification Procedures

 

Organizational Safeguards

To help protect against any unauthorized use of personal health information, Sowingo has implemented a series of technical, physical and organizational safeguards. These include but are not limited to:

  • employee training on privacy awareness and security best practice
  • use of strong passwords, enforced on all systems
  • multi-factor authentication (MFA) for all systems and applications whenever possible
  • access reviews conducted quarterly to ensure appropriate role-based access
  • regular data backups performed and store off-site
  • encryption of all sensitive data both in transit and at rest
  • firewall system to protect all network communications
  • sensitive data stored in accordance with data residency requirements

 

Contact Information

For more information about our privacy and security policies, contact us at (888) 997-3133 or by email at privacy@sowingo.com.

Start optimizing your practice today

Learn how Sowingo can digitize manual processes to help your practice purchase, track and manage inventory with ease.

Select your currency
CAD Canadian dollar

This website uses cookies

We only use essential cookies to personalize our service and continue to make refinements to provide the best possible experience. If you’d like to learn more, please read about cookies in our Privacy Policy