We have built security into Romexis software since day one. Originally designed for large organisations, its robust data security features are available to all customers who want to follow responsible practices or need to meet tightening regulatory requirements, such as GDPR in the European Union or HIPAA in the North America.
User permissions
Reliable security and accountability begins by identifying users and defining their permissions by role. The Romexis software supports these security measures in several ways.
- Create an account for each user and assign them to a specific group
- Control access to the software’s different modules and features by defining user groups and permissions
- Manage user logins and permissions from Active Directory
Traceability
When it is necessary to know what data has been accessed by users, Romexis provides unmatched traceability and transparency benefits.
- Log user access to patient information
- Log user activity – such as logging in, exporting information or printing
- Record all changes made to information stored in the database – including the time of the change and the identity of the user responsible for it
Security and privacy
To keep all personal information safe from outsiders, several prominent security technologies are supported by the Romexis software.
- All Romexis client-server communication is SSL encrypted
- Organisation-specific Romexis client SSL certificates are supported
- Romexis is compatible with Microsoft SQL Transparent Data Encryption (TDE)
- All personal data is stored on the Romexis server computer
- Security of the Romexis software has been audited by external experts
GDPR and HIPAA compliance
The Romexis software includes various features that allow organisations using it to process personal information to meet the regulatory demands in their area. Guidance on Romexis features that help your organisation reach compliance is available in the following document:
Romexis Best Practices Related to GDPR (pdf)
3rd party security assessment
The security of Romexis has been reviewed by a 3rd party cybersecurity services company, Nixu Corporation. According to the review, Romexis received the best overall security status (good on a scale of good, moderate or inadequate).