E2E encrypted patient health data

Picture of Nejc Rodošek

Nejc Rodošek

We prioritize the security and privacy of patient health data through our robust End-to-End Encryption (E2EE) feature. E2EE ensures that patient information remains secure throughout its lifecycle within the app, offering unparalleled protection against unauthorized access and breaches.

Understanding End-to-End Encryption (E2EE):

End-to-End Encryption (E2EE) is a security measure that encrypts data at the source and decrypts it only at its intended destination. This means that data is encrypted on the user’s device (client-side) and can only be decrypted by the recipient (server-side), ensuring that even the service provider (TINA app) cannot access the plaintext data.

Why Use End-to-End Encryption?

E2EE is crucial for safeguarding sensitive patient health data:

  • Enhanced Security: By encrypting data both in transit and at rest, E2EE prevents unauthorized parties, including hackers and malicious actors, from accessing or intercepting patient information.
  • Privacy Protection: It ensures patient confidentiality by ensuring that only authorized personnel with the decryption key can access the data, even if intercepted during transmission or stored on servers.

Benefits of End-to-End Encryption (E2EE):

Implementing E2EE in TINA app offers several benefits:

  • Advanced Security Measures: Protects patient health data from unauthorized access and breaches.
  • Compliance: Helps healthcare organizations comply with strict data protection regulations, such as HIPAA, GDPR, and others.
  • Trust and Confidence: Builds trust with patients and stakeholders by demonstrating a commitment to data security and privacy.

Setting Up End-to-End Encryption (E2EE) in TINA:

Step 1: Admin Login and E2EE Key Setup

When the admin of an organization logs in for the first time, they will receive a popup notification to either generate a new E2EE key or upload an existing one.

Step 2: Generating a New E2EE Key

If choosing to generate a new key, the TINA system will provide a file containing the encryption key. This file must be securely stored by the admin to ensure ongoing access to encrypted data. The admin will also have to provide this key to every user so they can log into the organisation.

Step 3: Key Usage for Security

The E2EE key must be used each time TINA is accessed from a new browser or device. This ensures that encrypted data remains protected and accessible only to authorized users.

Step 4: Caution with Key Management

It is crucial to exercise caution with the E2EE key. Losing the key can result in permanent loss of access to encrypted data, as decryption without the key is extremely challenging.

Additional Security Measures:

  • Regular Backups: Maintain secure backups of the E2EE key to prevent loss or corruption.
  • Training and Awareness: Educate staff about the importance of E2EE and secure key management practices to minimize risks.

Troubleshooting Tips:

Encountering issues with E2EE setup? Here’s how to address common concerns:

  • Key Loss: If the E2EE key is lost, contact TINA support immediately for assistance in recovery or re-establishment of encryption.

By implementing End-to-End Encryption (E2EE) in TINA, you can significantly enhance the security and privacy of patient health data. Protect sensitive information effectively, comply with regulatory requirements, and build trust with patients and stakeholders. For further guidance or support, please reach out to our dedicated customer support team. We’re committed to ensuring your data remains secure and your practice runs smoothly with TINA.

The Latest

Popular Articles

The Process of Invoicing in Therapy Practices

Invoicing is a crucial aspect of managing a therapy practice, as it not only ensures that you are compensated for your services but also helps maintain clear financial records for both the therapist and the client. Here, we provide a detailed guide on how to handle invoicing after a therapy

Efficient Scheduling in Therapeutic Practice

Effective appointment scheduling is crucial for maintaining an efficient workflow in any service-oriented practice, such as those in healthcare, consulting, or personal coaching. It ensures that clients are seen promptly, resources are utilized optimally, and the professional’s time is maximized. This article will guide you through best practices for scheduling

Creating Pricelists in Therapeutic Practice

Creating a well-structured pricelist is crucial for any professional service provider, including therapists, consultants, and trainers. An effective pricelist not only communicates your service fees transparently but also reflects your expertise, helps manage client expectations, and sets the tone for the financial health of your practice. Here’s a detailed guide

Are you interested in writing for Tina Blog?

Learn more

Shopping Cart
Scroll to Top

Privacy Policy

In accordance with the GDPR, we inform you that we have adapted our communications to comply with the regulations on the protection of personal data. Your personal data will only be processed for the purposes with which you expressly consent. Consent to the transfer of personal data is voluntary and you can also withdraw your consent at any time in the same way as you gave it. If you do not provide personal data or withdraw your consent, Centrum cognitio d.o.o. will not be able to fulfil the purpose for which the data was collected. In addition, you have the right to access the data, the right to rectification, the right to erasure (“right to be forgotten”), the right to restriction of processing, the right to contract and the right to data portability. To exercise the aforementioned rights or in the event of a complaint, please contact the Personal Data Protection Officer, otherwise contact the address for: Data Protection Officer, Centrum cognitio d.o.o., Šarhova ulica 34, 2000, Slovenia or on e-mail: [email protected].

If you believe that the processing of personal data violates provisions on the protection of personal data, you have the right to lodge a complaint with the Information Commissioner.

The data will be kept until your withdrawal or for as long as necessary to achieve the purpose for which the data was collected.

The controller, the company Centrum cognitio d.o.o., undertakes to process and protect the data in accordance with the Personal Data Protection Act and the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council.

We use the MailChimp marketing platform for the purposes of electronic notification. By registering or filling out the form, you agree that we manage your data under the above conditions and that the information you provide us is simultaneously transmitted to MailChimp, which provides us with this service. The company Centrum cognitio d.o.o. will ensure that MailChimp provides the same level of protection of personal data as required by local and European legislation, in particular by signing EU standard contractual clauses, unless otherwise specified in individual cases.

Cookie policy

Cookie policy

The Electronic Communications Act (Official Gazette No. 109/2012), ZEKom-1, has incorporated rules on the use of cookies and similar technologies to shop or access information stored on users’ computers, tablets or mobile devices into the legal system.

Our website may place a so-called “cookie” on your computer’s browser.

What are cookies?

Cookies are small text files that give us information about how often a person visits our website and what content the user views. Cookies are not harmful and are always temporary. The cookies themselves do not contain any data that would allow a person to be identified. You always have the option to accept or reject cookies. Most web browsers accept cookies automatically, which you can change in the settings so that your computer rejects cookies or you receive a warning before a cookie is stored.

Strictly necessary cookies

These are cookies that are necessary for the proper functioning of the website and without which the transmission of the message on the communication network would not be possible. These cookies enable user-friendly online services, a better user experience and do not require consent.

 Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google. Google Analytics uses cookies to analyse how users use the website. The information obtained by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google [on servers in the United States]. Google will use this data for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this data to third parties where required to do so by law, or where such third parties process the data on Google’s behalf. Google will not associate your IP address with any other data held by Google.

Google Analytics sets the following cookies:

  • _ga 2 years This randomly generated number is used to determine unique visitors to our website.
  • _gid 24 hours This randomly generated number is used to determine unique visitors to our website.
  • _gat 1 minute Limiting the frequency of requests.

You can find detailed information about Google Analytics and your privacy (including how you can control the data sent to Google) at https://policies.google.com/privacy/partners.

Service cookies

We cannot manage the use of third-party cookies; for more information about these cookies, visit the websites of these persons, e.g. Facebook, Twitter, Instagram, YouTube.

If you do not want to use online cookies, you can refuse or disable the storage of cookies in your browser settings. If you agree to the use of our cookies, but not to the use of third-party cookies, you can select the “block third-party cookies” option (reject third-party cookies) – the option may vary slightly between different browsers.

How to manage cookies?

You can also control and change cookie settings in your web browser. For information about cookie settings, select the web browser you are using.

If you have previously given your consent for cookies and later changed your mind and excluded the receipt of cookies in your browser, your visit to the website will be understood as a first visit. In this case, you will receive a cookie notification again.

Additional questions

All further questions about cookies can be sent to us at the email address [email protected]