AlayaCare's number one priority is protecting the security of personal health information and ensuring the integrity of its customers' data. For the new virtual visits feature, we have taken every precaution to ensure that the video sessions remain secure.
Virtual visits: security details
The vendor that AlayaCare uses for virtual visits as well as the remote patient monitoring (RPM) application is fully integrated with the AlayaCare application so that it is completely secure and HIPAA compliant. As with any other visit in AlayaCare, all the logs associated with a virtual visit are kept secure and within the AlayaCare database.
For organizations based in Ontario, AlayaCare's Virtual Care module aligns with the consent and privacy regulations laid out in the Personal Health Information Protection Act (PHIPA), as no data from the virtual sessions is stored or shared. AlayaCare as a whole also remains PHIPA compliant as information about visits and services conducted virtually is available to customers in the event logs for audit purposes.
For this feature, AlayaCare is using an API that provides AES-128 bit encryption across voice, video and signaling traffic. No data is kept on the vendor’s data servers at any given point. Video data is also not kept on any of AlayaCare's servers.
For one-to-one virtual visits between two people, the video stream remains strictly between the two individuals and will not travel to any server.
If you have any additional security questions or concerns, please reach out to your Client Success Manager or Client Relationship Manager so that our security experts can address them.