TDO Security Features
To take full advantage of TDO Security Features, please make sure you have updated to the latest release of TDO.
-
TDO offers all the required HIPAA compliance protection to our users.
-
The database is password protected, and encrypted at rest (in TDO 12.311b and higher).
-
The backup is password protected and encrypted.
-
All communication to our web servers is encrypted through the VPN.
-
TDO offers strong user password policy compliant with HIPAA.
-
TDO offers a feature that will automatically log off a user’s session after a set period of inactivity.
-
In TDO 12.338 and above, referring doctor and patient login passwords are protected and can only be changed by the patient or doctor.
-
TDO Cloud Services users have the option to send all correspondence to patients and referrers through the password-protected Patient and Referring Doctor portals.
-
TDO Cloud Services users can chat securely with Referrers who are logged into the Referring Doctor portal.
User/Office Policies
The protection of the user’s database depends also on the office internal procedures. It is the Doctor’s and IT Professional’s responsibility to follow internal HIPAA guidelines to make sure your office is HIPAA compliant. You must have a password protected server, with physical access limited to authorized staff members. It is also recommended that you separate patient/guest WiFi from the staff/private network. Consult your IT professional for help with this. Make sure that staff members are educated about safe browsing habits. Never open a link or download a file simply because an email tells you to do so. Maintain current onsite and offsite backups (ideally using TDO Cloud services).
In Summary, TDO, as a practice management solution, is HIPAA compliant, and offers many features intended to keep your data secure, but it is up to you to put in place procedures and protocols that will ensure the security of your practice.