Patients Can See Radiological Data Now Online

medavis provides a secure data platform with the portal4med Patient Portal.

To have sovereignty over their own data and to be able to retrieve it in compliance with data protection regulations and make it available to treating physicians quickly and easily: This is the expectation of more and more patients. Karlsruhe-based radiology workflow specialist medavis enables its users to do just that with the portal4med Patient Portal, which makes radiology images and reports accessible. “With the Patient Portal, radiologists can save time and costs for burning CDs. They offer their patients a modern service and thus increase patient loyalty. Patients, on the other hand, can easily access their own reports and studies online and decide for themselves which doctors they grant access to them. This is secured by a 2-factor authentication”, says Samer Abdalla, Product Manager at medavis, and summarizes the advantages of the new solution.

Full Integration into the Daily Routine

The portal4med Patient Portal is closely connected to medavis RIS, which ensures a seamless workflow. A ticket with the access data to the portal can be printed automatically at the registration desk. In addition, the access data can also be transferred directly to the report or sent digitally to the patient by e-mail. Both patients and physicians can access the portal on any device with an Internet connection. “Access to the portal requires the information on the patient ticket plus an additional second factor,” says Product Manager Abdalla, explaining the procedure. The transfer of data is encrypted, compliant with the EU General Data Protection Regulation (EU-GDPR) and in accordance with the highest security standards.

Priority: Data Protection

The protection of patient data was an essential component in the development process of the portal4med Patient Portal. The certified information security management system of medavis GmbH according to ISO-27001 ensures the protection goals confidentiality, integrity and availability of data. In addition, medavis has subjected its web-based systems and infrastructure to extensive penetration tests. The special test procedure is based on the specifications of the Payment Card Industry Data Security Standard (PCI DSS), the recommendations for action of the German Federal Office for Information Security (BSI) and the Open Web Application Security Project (OWASP). Benchmarks of the Center for Internet Security (CIS) and best practices of cloud service providers were also taken into account.