How Magnus Health Prioritizes Your School’s Data Privacy and Security
It seems like every other day there’s a headline or news story about a wide-spread data breach. For K-12 schools specifically, statistics from the K-12 Cybersecurity Resource Center show that schools have experienced roughly 1,600 cyber incidents since 2016 — nearly one each school day.
Magnus Health and School Security
Your school’s data privacy and security is of the utmost importance and, as such, your student health record (SHR) software needs to prioritize it accordingly. Here at Magnus Health, it’s our number one job to protect our schools’ data and safeguard student health information.
“We understand the important role our system plays in the safety and health of your school community,” says Martika Townes, Senior Manager of Privacy and Case Management at Magnus Health.
We follow cybersecurity best practices and abide by four key data privacy and security principles to keep our schools safe: confidentiality, integrity, availability, and shared responsibility.
Confidentiality
Student health data is classified as protected health information (PHI). Aligning with best practices, this data should only be accessible by authorized users to respect students’ privacy and ensure their safety.
The principle of data confidentiality ensures that only authorized users can view, access, change, or otherwise use data; necessary information is only shared with authorized users and organizations. This principle limits the potential to disclose unauthorized information to unauthorized individuals while reducing your risk of identity theft and malicious cybersecurity tactics.
Magnus Health practices confidentiality in several ways:
- We’re hosted by a leading cloud provider in multiple locations
- Our platform is secured by Single Sign-On
- We use TLS (SSL) encryption in transit and AES encryption at rest
- We’re protected by WAF and DDoS
Integrity
The accuracy of your student health data is crucial to your nurse’s ability to administer proper medications, your athletic trainer’s ability to treat injuries, and your school’s ability to care for each individual according to their unique needs.
The principle of data integrity refers to a platform’s ability to ensure that the system and associated information is accurate and correct. Data integrity is important because it enables searchability, traceability, connectivity, performance, and the ability to recover information within your SHR software.
Our focus on data integrity ensures that we are storing accurate, high-quality student health data at all times. Magnus Health practices data integrity in several ways:
- Our infrastructure meets guidance from the Center for Internet Security Benchmarks
- We use built-in protections, encrypted backups, and active security monitoring
- We abide by HIPAA, FERPA, and PCI-DSS requirements
- We monitor cybersecurity threats with 24/7, 365 SOC
Availability
A recent poll with Magnus Health customers shows that, on average, schools access emergency contact info 57 times each year. Emergencies happen, and you need to be able to access your student health data when they do!
The principle of availability refers to a platform’s ability to ensure that systems, information, and services are available. It means that we’re not just collecting and storing your data — we’re making it readily accessible so you can find what you need, when you need it.
Magnus Health ensures data availability in several ways:
- Our platform is accessible anywhere, anytime with 99.9% uptime
- We utilize automated monitoring to track performance
- Data is accessible to authorized users via web portal and mobile application
Shared Responsibility
At the end of the day, it’s important to remember that data privacy and security is a joint effort. It requires action and oversight from information security teams, employees, leadership, technology teams, and even consumers like yourself.
Human error is the number one cybersecurity threat. Schools can combat this threat by establishing strong policies and procedures for internal data usage. Be sure to set appropriate user account permissions, communicate PHI in a secure manner, and keep your network safe by properly storing all SHR credentials.
Lastly, data security is constantly evolving — and so are our practices. Says Townes, “As technology evolves and cybersecurity threats become more sophisticated, our measures to keep your data safe will also continue to evolve and meet the necessary demands.”
By focusing on the four pillars we explored above, we’re able to pivot when necessary and continue to provide industry-leading data privacy and security to our customers in the midst of a changing landscape. To learn more about how Magnus Health can safeguard your student health data, contact us for a custom demo.