31 October 2017
Providing Secure Live Chat Integration for Healthcare Organisations
If you missed our last healthcare blog, we explained how healthcare organisations including the NHS, shouldn’t delay procuring live chat due to the uncertainty that GDPR could bring. Our Data Protection Officer (DPO) has researched the changes that would need to actioned to ensure compliance. For more information read Worrying about Procuring with GDPR around the Corner?
In this article, we will be explaining the security aspects of ‘Experiences’ by Click4Assistance and why it is vital for software to have this level of functionality.
Accessing the Click4Assistance Solution
Active Directory (AD) Integration
To manage all users on the company’s network in a central place, Microsoft Windows supplies offices with the Active Directory. It is a simpler way to add or remove users, controlling their access to specific areas such as folders and printers.
It not only makes logging into platforms easier, such as Microsoft Dynamics CRM and Outlook, it makes logging in safer, as only those users can login when they are on the company network. ‘Experiences’ by Click4Assistance integrates with the Active Directory, meaning that those users who have the option ‘Use Active Directory’ enabled, can be automatically logged in with their windows credentials. The organisation’s IT administrators can update the password in one area rather than the user having to change it in multiple platforms, and therefore saving time.
Restricting IP Logins
To ensure users are only logging in to the Click4Assistance account from authorised locations, such as the workplace, is to provide an IP address against the Permissions for the User Type. The solution will only allow users to authenticate and login from the designated IP address(es). Access times can also be assigned against the User Type, this can be set so users can only log in during operational hours or between their set shift times etc.
Users can still use an email address and password as an alternative to using the Active Directory, however for good practice, passwords should be updated regularly to reduce any breaches. The Click4Assistance can automatically expire passwords, enforcing users to update them. Users can manually amend their credentials from within the solution, or the ‘Change Password’ link can be selected from the log in page.
Whilst engaging using Click4Assistance, there are many forms and windows that have the potential to gather visitor’s personal details such as the chat integration. The information transmitted through the system is stored on the database where it is encrypted at rest, aiming to secure the inactive data.
The other type of encryption occurs while data is active and moving between networks and/or devices. For protecting data in transit, Click4Assistance uses encrypted connections such as HTTPS / SSL.
Click4Assistance is an UK company, with data centres in London conforming to ISO 9001 and 27001 standards, Click4Assistance adheres to the stringent regulations laid out by the FCA for data storage, Data Protection Act 1998 and PCI compliance.
Click4Assistance has been operating for over 10 years and provide live chat integration to healthcare organisations including BMI Healthcare, CWP NHS and The Priory Group, we ensure their use of live chat implementation complies with data protection rules and their users and visitors are secure using it. For more information speak with our healthcare co-ordinator on 01268 524628 or email firstname.lastname@example.org.