Oxevision has been developed in collaboration with patients, carers, doctors and nurses. It is a patient monitoring system designed specifically for mental health providers and includes a regulated medical device which operates with an infrared-sensitive camera.
It is understandable that Oxevision’s use of a camera leads to questions about privacy and data security. Our objective is to increase patients' safety, privacy, dignity and independence and this is considered at all stages of the design and implementation of Oxevision.
Below is a summary of some of the technical and organisational measures which we have implemented to protect the personal and sensitive data generated by Oxevision and the dignity of the patients and other data subjects.
Alerts, not video streaming
Oxevision displays room statuses, alerts and data reports on handheld devices or on a screen in the nurses' station and does not provide a continuous live video stream. Clinical staff can see up to 15 seconds of clear video when taking a vital signs spot check, and up to 15 seconds of blurred video in response to a room alert.
Anonymization of personal data
The clear video data generated by Oxevision is required by the medical device to ensure accurate vital signs measurements are taken. For other processing purposes the personal data generated by Oxevision is anonymised or pseudonymised to minimise personal data processing. For example, video images are irreversibly blurred so that they do not identify a person, and no clear video data is stored.
Personal data is under customer control
All personal data generated by Oxevision or by the staff using Oxevision is under the control of the customer, and Oxehealth will only ever process the data according to the service agreement between the customer and Oxehealth, or on the written instruction of the customer.
The following diagram lays out the data flow of data generated by the Oxevision system.
Supporting customers with data governance and HIPAA compliance
Where Oxehealth customers are healthcare organizations which are covered entities under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), or Federally assisted Part 2 programs under the Confidentiality of Substance Use Disorder (SUD) Patient Records Act (Jan 18, 2017 as amended), Oxehealth additionally signs a Business Associate Agreement and/or a Qualified Service Organization Agreement with customers which governs the way in which Personal Data and Protected Health Information is used and disclosed.
Oxehealth supports customers to comply with HIPAA and other data governance requirements through the provision of data governance and data flow documents, staff training and reporting.
Data encryption
The personal data and protected health information generated by the Oxevision system are encrypted to a minimum of the AES 256 standard when stored on local secure servers at the customer site and on the AWS cloud servers.
All data transmission between local compute equipment at the customer site will take place over a secure virtual private network (VPN) which ensures communication between authenticated devices only, using Secure Sockets Layer (SSL) encryption to the AES 256 standard.
Data transmission between local compute equipment at the customer site and the AWS cloud servers takes place via an SSL-encrypted transmission.
Access control
Access to all Oxehealth services is based on the principle of least privilege, and Oxehealth staff are only granted the minimum permissions needed to perform their role.
Oxehealth staff with access to provide support for the Oxevision system use a unique set of credentials for VPN, remote machine access and file server access. VPN access is audited, and logging and pattern-based alerts are active on the VPN and firewall.
Access to Customer data on Oxehealth secure servers is limited to approved Oxehealth staff as required to perform a specific task, with fine-grained access control on data permissions managed through Active Directory and audited quarterly.
Personnel security
All staff with access to customer data are subject to Baseline Personnel Security Standard (BPSS) checks and a basic criminal record check, and sign a confidentiality agreement as part of their employment contract.
Annual security, data protection and HIPAA training is completed by all staff to ensure they understand their responsibilities with regard to security and data privacy, and Oxehealth employees handling customer data undergo additional training specific to their role.
Penetration testing and vulnerability monitoring
The Oxevision system is subject to a minimum of twice-yearly penetration testing by CREST-accredited third-party experts, and we carry out additional internal vulnerability monitoring of the software.
Oxehealth has attained ISO 27001:2013 certification for Information Security Management, which includes data generated by the Oxevision system in its scope. We are audited against this standard by a UKAS-accredited certification body.
Oxehealth has established an ISO 27701:2019 certified Privacy Information Management System which extends the requirements of ISO/IEC 27001 and ISO/IEC 27002 for privacy information management.
Oxehealth holds Cyber Essentials Plus certification from an IASME-accredited CE+ certification body.