My ACP Decisions Overview and Security Primer
This article provides an overview of the My ACP Decisions platform, its core tasks, and how it handles information to accomplish those tasks.
Overview
The My ACP Decisions Platform consists of an API web service, a front end web application, and a mobile app for iOS and Android.
The My ACP Decisions platform provides an easy way for clinicians to share videos and documents from the ACP library with patients. In its simplest form, the platform generates a unique URL each time a clinician shares content with a patient. When a patient visits this URL, the system tracks whether or not they have viewed a video or opened a document, without collecting PHI.
The steps to this process are as follows:
- The clinician prescribes one or more videos or documents from the library.
- The clinician confirms their order, which generates a unique four character code.
- The clinician shares that unique code with the patient.
- The patient enters the code at mycode.today/XXXX.
Note: PHI is not collected by the system from patients. All a patient has to do is enter their anonymous code.
Critical vs Non-Critical Systems
My ACP Decisions is not a mission-critical system like an EMR. Its core function is browsing the diverse library of ACP Decisions content and generating links to share that content.
Analytics, Reporting, Event Collection
Clinicians verify that a patient has viewed previously prescribed content through the Order History page. By searching the patient's code, the clinician is able to see any attempts to view the content associated with that code.
- If a code has been entered and the legal agreement has been accepted by the patient, the code is considered redeemed.
- If more than 80% of a video has been watched, it is considered viewed and completed.
- If a document has been opened, it is considered viewed and completed.
- When all content has been completely viewed, the overall status of the order is marked complete.
Note: Our system does not collect or store any PHI when logging these events.
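The redemption and completion rules above, as an added example (not the platform's own code): events are keyed by the anonymous order code and a content id only, so the status derivation needs no patient identifiers. The data model, event type names and the sample order are assumptions constructed for this illustration.

```python
from dataclasses import dataclass
from typing import Dict, List

# A video counts as viewed and completed once more than 80% has been watched.
VIEWED_THRESHOLD = 0.80

@dataclass(frozen=True)
class ContentItem:
    content_id: str
    kind: str  # "video" or "document"

@dataclass(frozen=True)
class Event:
    # Events carry the anonymous code only; no patient identifiers are recorded.
    code: str
    event_type: str  # "code_entered", "agreement_accepted", "video_progress", "document_opened"
    content_id: str = ""
    fraction_watched: float = 0.0  # meaningful only for "video_progress"

def item_status(item: ContentItem, events: List[Event]) -> str:
    """Return 'completed' or 'not viewed' for one prescribed item."""
    own = [e for e in events if e.content_id == item.content_id]
    if item.kind == "video":
        best = max((e.fraction_watched for e in own if e.event_type == "video_progress"), default=0.0)
        return "completed" if best > VIEWED_THRESHOLD else "not viewed"
    if item.kind == "document":
        return "completed" if any(e.event_type == "document_opened" for e in own) else "not viewed"
    raise ValueError(f"unknown content kind: {item.kind}")

def order_status(code: str, items: List[ContentItem], events: List[Event]) -> Dict[str, object]:
    """Derive the redeemed flag, per-item status and overall completion for one order code."""
    own = [e for e in events if e.code == code]
    types = {e.event_type for e in own}
    # Redeemed only once the code was entered AND the legal agreement was accepted.
    redeemed = "code_entered" in types and "agreement_accepted" in types
    per_item = {i.content_id: item_status(i, own) for i in items}
    # The order is complete when every prescribed item has been completely viewed.
    complete = bool(per_item) and all(s == "completed" for s in per_item.values())
    return {"code": code, "redeemed": redeemed, "items": per_item, "complete": complete}

# Constructed sample order: one video and one document prescribed under code "AB12".
SAMPLE_ITEMS = [ContentItem("vid-goals-of-care", "video"), ContentItem("doc-acp-guide", "document")]
SAMPLE_EVENTS = [
    Event("AB12", "code_entered"),
    Event("AB12", "agreement_accepted"),
    Event("AB12", "video_progress", "vid-goals-of-care", 0.50),
    Event("AB12", "video_progress", "vid-goals-of-care", 0.85),  # crosses the 80% threshold
]
```

Calling `order_status("AB12", SAMPLE_ITEMS, SAMPLE_EVENTS)` reports the code as redeemed, the video as completed, the document as not viewed and the order as not yet complete.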
Administrator Logins
Administrators are responsible for inviting new administrators and clinician users to the system. They are invited using their employee email address.
Clinician Logins
There are two ways an organization can enroll clinicians into the platform:
- Individualized Clinician Logins: An administrator enters the clinician's preferred name and work email address. The clinician then sets their own password.
- Simple Clinician Logins: An administrator creates a username and password. This is designed to be used by one or more clinicians.
Optionally, when using simple clinician logins, an administrator can associate one or more employee emails with a shared username. These emails are used to notify employees of the credentials of a newly created shared user account and of any subsequent change to that account's password. The ability to associate these emails can be disabled if your policy does not allow entry of employee email addresses.
If employee email addresses are used in either of the two approaches above, the My ACP Decisions system will store the work email addresses of both the clinician(s) and administrator. See below for more details on how we store and treat sensitive information.
Security Considerations
- All traffic transmitted by the My ACP Decisions Platform is encrypted in transit over HTTPS (SSL/TLS).
- Clinicians' names and email addresses are encrypted at rest in the database.
- My ACP Decisions servers operate in the AWS cloud environment.
- Multiple layers of monitoring at the server, web application, and domain levels are used to detect and protect against intrusion, denial-of-service attacks, and other bad actors.
- We use name, email, and usernames to provide the following services:
  - Authentication (Signing In and Out)
  - Adding, Removing, and Managing Users
  - Viewing, Prescribing, Managing, and Sharing Media
  - Reports on the Utilization of the Content Library
  - Reports on Code Usage
  - Providing Clinicians a History of Codes They Have Issued
  - Troubleshooting
Techniques for Minimizing Employee Data Entry
If you prefer not to enter employee data while using the platform, we recommend the following options:
- Use the simple clinician login approach instead of the individualized login for adding clinicians;
- Do not enter employee emails into the platform. Of note, ACP Decisions can disable the ability to associate email addresses when using the simple clinician login approach;
- Use non-identifying nicknames and usernames when issuing accounts.
If the workarounds outlined above still do not comply with your organization's policy and security practices, ACP Decisions would be prepared to introduce features that auto-generate usernames and passwords in a de-identified manner (which would not require entry of names, usernames, or email addresses). For example, a newly issued clinician account might have the name "Health Clinician 1" and the username "healthcareacp1".
Alternatively, ACP Decisions could pursue an SSO integration compatible with your organization's requirements assuming coordination with your IS/IT teams.
System Vulnerability Scanning
The My ACP Decisions platform utilizes SAST and DAST methods. Additionally, it uses AWS services for monitoring, threat detection, and mitigation.
Systems Integrations
Some organizations may need to integrate My ACP Decisions with their EMR. The My ACP Decisions platform allows an outside system to order content (generate codes). Each time an order is confirmed, the EMR has the opportunity to record the unique code in the patient record. If the EMR needs to display the status of the order at a later date, it can ask the My ACP Decisions API for a status update.
The My ACP Decisions API does not collect PHI. Accounts can also be configured to not collect PII.