Not all features may be available by default and additional charges may apply for certain features. Please contact Fusion Enterprise with any questions
Permissions! Clinic Staff must have Administrator assigned in order to manage the Patient Portal.
Fusion Enterprise understands that managing all of your cases is a critical function of any practice. We have ensured that you can run all of your practices front office needs through Fusion Enterprise and make it as easy as possible. This series of introductory articles will cover the essential aspects of managing the Patient Portal features with Fusion Enterprise.
Patient Portal: Patient Authentication
Patient Portal Patient authentication ensures the patient that they are accessing the official portal, and the portal can be sure that the person accessing the portal is the patient. This is important because the portal may expose confidential patient information that must only be disclosed to the patient, and we want to protect the patient’s privacy and avoid liability. The Patient Portal employs the same sort of certification that is used by banks. As part of this, all communication over the internet is encrypted ensuring no one is able to eavesdrop on the conversation.
The Patient Portal offers two methods to authenticate a patient to the portal during the registration process. The first method relies on the patient first identifying themselves to the clinic in a manner that the clinic deems sufficient and supplying their email address, which is entered into Fusion Enterprise. Later, when the patient registers with the portal, they will enter their email address into the portal which will verify it against what was previously entered into Fusion Enterprise. If there is an agreement between these two emails, an email will be sent to this address, and the patient must respond to complete registration. This ensures that only the patient (or his trusted representatives) has access to this email account, so after receiving a response, the portal knows that this is the same patient identified by the clinic. Note: the clinic must make it clear to the patient how the email address will be used, and if the patient objects, then the alternate method of authentication must be used.
The other method of authentication involves the clinic registering the patient through Fusion Enterprise and supplying a temporary portal password to the patient. This bypasses the email scheme discussed above. The patient uses the temporary password to log in and must then immediately replace the temporary password with a permanent one. It is the clinic’s responsibility to safeguard the temporary password and to make sure that it is only given to the patient. With this scheme, both the patient and the clinic will have knowledge of the temporary password until it is used and changed. Thus, there is a small window opened by the clinic that could increase their liability in the event of a leak.
NOTE: It is important to note that in both cases it is the clinic that confirms the patient's identity before taking an email address or handing out a temporary password.