The privacy and the security of patients’ Protected Health Information (PHI) are among our top priorities. Malaffi and all participating healthcare facilities (Participants) protect PHI using physical, technical and administrative measures.
Malaffi and all Participants are required to comply with all Emirate-wide and federal health privacy laws, as well as the Abu Dhabi - Healthcare Information And Cyber Security Standard (ADHICS), which focuses on the specifics of protecting and/or securing personal health information.
Measures to protect PHI include rigorous privacy and security protocols, some of which are listed below:
- Only trained authorised healthcare professionals and members of the care teams can access Malaffi
- All PHI is shared over a secure electronic network, and all information in transit and at rest is encrypted to prevent unauthorised access
- Our teams perform a security assessment of the participants before they connect to Malaffi, to ensure that they uphold the required security standards
- Malaffi has implemented privacy and security guidelines for authorisation and accessibility of the platform. As part of the guidelines, Malaffi maintains activity logs of the authorised users who view patient files and access information and receives notifications in case of misuse of the platform
- Only the highest level of authorised users can “Break the Privacy Seal” to access patient’s sensitive health information. This includes information related to, certain infectious diseases (HIV/HEP-B), sexually transmitted diseases, substance abuse, IVF and mental health conditions. This is on the condition that in the professional judgment of the clinician, access to such sensitive health information is absolutely necessary to ensure optimal treatment of the patient. These activities are monitored and audited to ensure appropriate use of the platform. Viewing this information is restricted depending on the Malaffi clinical user’s role. No allergies or medications information are restricted.
As a testament to its commitment to data privacy and security, Malaffi has received the HIEAP Accreditation and the ISO 27001:2013 Certification. For more information, please visit this page.