Security

  • Hi,

    I just created my wordpress website for a psychology consultant business.

    I intend to create a list of users who are my patients who can then log in and add appointments etc.

    However I am concerned if the wordpress platform is secure enough to do this. There are strict codes with regards to patient confidentiality in the health care field.

    I hope someone could help me answer this. It’d be greatly appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    The platform is fine, however the custom software you create to allow patients to add appointments and such may or may not be, depending on how it is written.

    I know medical people have to adhere to stringent regulations, such as HIPPA. Several of the standards required by such laws would not necessarily be included in WordPress itself, although the custom software built on top of it could implement them. Encryption of patient information, for example.

    WordPress as a platform can be customized to do many things. However fundamentally it is a semi-generic Content Management System. It’s made to create web pages, not to manage secure data. It would be a fine platform to build the web interface on, but the actual data storage and transmission of the “private” data should be handled by some other certified system.

    For example, you wouldn’t want to store patient records inside the WordPress database, but it would be perfectly possible for a WordPress add-on to communicate with an external system to manipulate those records as necessary.

    You also need to consider what information is legitimately “private”. Appointment timing, for example, may not be. In which case you could store it anywhere.

    Thread Starter tnguyen14

    (@tnguyen14)

    Otto,

    Thank you so much for your really quick reply! You’re awesome!

    HIPPA was one of the things I had in mind.

    I agree with you that patient information encryption would be required – however I don’t think it would be a long way before I even need to upload patients’ information online – there’s no such need right now. But very good suggestion on a custom security software though. I will keep that in mind.

    I guess my best solution would be to limit the information available to the users , that way I won’t have to worry about data encryption for now (something way out of my capabilities). I wonder if there’s a good WordPress plug-in for simple appointment-booking. I’ve been looking around but have not come across anything quite what I need.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security’ is closed to new replies.