Legal documents

Acceptable Use Policy for Ambiki

Purpose

The purpose of this Acceptable Use Policy (AUP) is to ensure the secure, appropriate, and ethical use of Ambiki’s platform. This policy outlines the guidelines and expectations for users accessing, managing, and utilizing patient information through our EMR system, teletherapy, therapy tools, Tenalog, and the entire Ambiki site.

Scope

This policy applies to any individual granted access to their own organization or their employers organization within the Ambiki platform and to any user who utilizes any aspect of Ambiki’s functionality. It encompasses all activities related but not limited to, accessing, handling, transmitting, or storing patient information.

Compliance

All users of Ambiki are required to comply with this policy, relevant laws, regulations, and organizational policies governing the protection of patient information, including but not limited to HIPAA (Health Insurance Portability and Accountability Act) and other applicable data privacy laws.

Access Control

Access to the Ambiki platform shall be granted based on the principle of least privilege, where users are provided access only to the information necessary to perform their job responsibilities. User access shall be periodically reviewed and updated as necessary.

User Responsibilities

  • Users must maintain the confidentiality and integrity of patient information at all times.
  • Users are responsible for safeguarding their login credentials and ensuring that unauthorized individuals do not access the EMR platform using their account.
  • Users must report any suspected security incidents, breaches, or unauthorized access to the appropriate authorities promptly.

Data Handling

  • Patient information stored within the EMR platform should only be accessed for legitimate healthcare-related purposes.
  • Users are responsible for the accuracy and completeness of patient information entered into Ambiki’s EMR system.
  • Sharing patient information outside of the Ambiki platform should only occur when necessary for patient care and must adhere to organizational policies and legal requirements.

Security Measures

  • Users must adhere to all security measures implemented to protect the EMR platform, including but not limited to encryption, access controls, and regular system audits.
  • Users must refrain from attempting to bypass or circumvent security measures or engage in any activities that may compromise the security of Ambiki.

Prohibited Activities Include yet are Not Limited To

  • Unauthorized access, use, or disclosure of patient information.
  • Intentional or unintentional alteration or destruction of patient records.
  • Sharing login credentials or allowing unauthorized individuals to access the EMR platform.
  • Installing or using unauthorized software or tools on devices accessing the Ambiki platform.

Consequences of Non-Compliance

Violations of this policy may result in disciplinary action, including but not limited to reprimand, suspension, termination, or legal action, depending on the severity and impact of the violation.

Policy Review

This policy shall be reviewed periodically and updated as necessary to ensure alignment with regulatory requirements, organizational changes, and emerging best practices in healthcare information security.

By accessing Ambiki, users acknowledge their understanding of and agreement to abide by the terms outlined in this Acceptable Use Policy as well as in our Privacy Policy and Terms of Service. Failure to comply with these terms may result in disciplinary action, up to and including termination of access and legal consequences.