Protecting the privacy and security of sensitive patient information is key to the
mission of PSI and to its Board of Directors:
PSI's Board of Directors includes leading consumer advocates who will have governance over all patient privacy issues.
The PSI bylaws state that no identifiable individual data will ever be released by PSI to any other person or organization unless specifically authorized by the patient.
PSI is a voluntary initiative; the patient, his or her physician, and their hospital all must deliberately choose to participate and can opt out of the system at any time.
The patient's Social Security number will never be used as the de facto unique patient identifier.
PSI will employ an enhanced security technology to maintain patient confidentiality at a higher standard than is currently in use or mandated. This security feature requires that the digital identity of the patient, physician and clinic/hospital be authenticated before the patient's clinical information is released to the patient-approved physician.
Identifiable patient data will continue to be stored under the jurisdiction of the patient's physician and hospital and at their current locations.
Both the PSI communications network and data center will be protected by the latest in technological and physical security measures, to ensure that a breach of security in any part of the system will not yield identifiable clinical information.
All data that is transmitted to or from PSI is processed in a manner that equals or exceeds all federal and state mandated privacy, security and HIPAA statutes.