There are evident gaps in healthcare IT systems across the world due to lack of patient-centric approach leading to incoherent data-driven decisions.Patient journey, being a multi-stage journey with different channels and touch points poses information asymmetry between patients and health care providers.

Our product emphasizes patient centric approach and equips all stakeholders in the healthcare ecosystem with enough tools to navigate the patient’s journey from awareness stage to ongoing care. We help health systems understand and engage their patients in their entire journey to provide them safe, effective, patient centered, timely, efficient and equitable care.

• We have incorporated several effective security measures that offer robust data protection across endpoints and networks to protect data in both states.
• One of the most effective data protection methods for both data in transit and data at rest is data encryption.
• Implemented robust network security controls to help protect data in transit. Network security solutions like firewalls and network access control have been implemented to help secure the networks used to transmit data against malware attacks or intrusions.
• We don’t rely on reactive security to protect data. Instead, use proactive security measures that identify at-risk data and implement effective data protection for data in transit and at rest.
• Other data protection solutions are implemented with policies that enable user prompting, blocking, or automatic encryption for sensitive data in transit, such as when files are attached to an email message or moved to cloud storage, removable drives, or transferred elsewhere.

• Patients’ information is stored in a de-identified manner only re-identifiable to each site that input the data for patient follow-up at the specific site.
• Non identifiable data is stored in a secure remote server with password protected access to the on-line data base (with the exception of re-identifiable patient number that is only re-identifiable at the site where data was entered for terms of follow up only).
• All sensitive data that could potentially re-identify the anaesthetist, the hospital or the patient (e.g hospital record number, age, height, weight) are encrypted for transfer from the data entry terminal to the server.

• Protected information is only accessible for registrants to the online interface with unique username and password.
• The online interface logs out automatically if the computer/mobile screen is left unattended for 20 minutes.
• A UIN (Unique Identification Number) is created for every patient which is system generated random number for security and subsequently used through all queries thereby neutralizing the patient identification.
• Individuals with login access to the App and online interface will have access to the reports.
• All sensitive and PHI which could potentially identify a patient is encrypted for transfer from the computer terminal to a remote secure server
• Patient Name or any patient identifier is not displayed in any of the queries or reports.

• A memorandum of understanding has been generated explaining collaborators’ responsibilities. Subscription Details, Terms & Conditions Document, Privacy Policy Document, End User License Agreement (EULA) are clearly displayed at the time of user registration.
• Individual data collectors and users of the App will be required to acknowledge its content during their initial log-on process.
• The users have ownership of their dataset and will be able to remove or upload the datasets to cloud server as per their requirements.

• Several Administrative, Technical and Physical Safeguards are incorporated to ensure security and integrity of datasets, both at rest and in transit.
• Security awareness training has been implemented so employees are trained and reminded of policies and procedures relating to software updates
• Computer log in monitoring, password updates and other key security measures are implemented
• Contingency planning, adequate preparation, policies and procedures are in place in order to respond to an emergency if there is a fire, vandalism, or other natural disaster
• Physical safeguards, facility access controls are implemented to protect the location and devices during development and deployment.
• Sufficient practices are implemented to allow access to only those people who need access to do their jobs.

• Medusys aims to capture every patient record, thus reducing a selection bias. There is no intervention being investigated because this App is a registry of routine clinical practice.
• This App advocates quality assurance initiatives measuring outcomes from routine practice and is an unbinded observational cohort database and is NOT A RESEARCH activity. Every patient has the right to know what happens with that information and about security of cloud storage of sensitive information.
• “Opt-out” consent can be used which has far better patient acceptance and recruitment. Medusys can help you to develop one such consent.
• Always, speak to your local institutional ethics committee