Reporting
Suspected Data Breach or Security Concerns are to be reported immediately.
JBarrett@millinmedical.com
What to expect once reported:
- Immediate acknowledgment of reciept
- Formal documentation in our tracking system
- Regular updates on the status throughout the incident lifecycle
- [Data Incident Closure Template]
System Use
- The MillinPro+ information system is used to support Federal, State, and Local Government, and may only be accessed and used for official Government business by authorized personnel only.
- Unauthorized access, actions, use, modification, or disclosure of the data contained herein or in transit to/from this system constitutes a violation of the Computer Fraud and Abuse Act, Pub. L. No. 99-474, codified at 18 U.S.C. ยง1030, state criminal and civil laws, and may subject violators to criminal, civil, and/or administrative action and penalties.
- All authorized use of this system must comply with Executive Orders, directives, policies, regulations, standards, and guidance. Any unauthorized use or actions will be investigated, and if required, prosecuted.
- All data contained within this information system may be monitored and recorded and disclosed in any manner by authorized personnel. By proceeding to access the information system, the user acknowledges that there is no right to privacy in this system.
- System personnel may provide law enforcement officials, for investigation and prosecution purposes, any potential evidence of crime found within this information system.
- The use of this system by any user, authorized or unauthorized, constitutes consent to monitoring, recording and disclosure.
Information Sensitivity covered under PHI and PII Regulatory Requirements.
- PHI (Protected Health Information)**: Refers to any information in a medical context that can identify an individual and relates to their past, present, or future physical or mental health condition, healthcare provided, or payment for healthcare. It is a subset of PII but specifically pertains to health data and is protected under laws like the U.S. **HIPAA (Health Insurance Portability and Accountability Act)**. Examples include medical records, insurance information, or details of doctor visits tied to a person.
- PII (Personally Identifiable Information)**: Refers to any data that can identify an individual, either directly (like a name, Social Security number, or email address) or indirectly (like combining a ZIP code and birth date to identify someone). PII is a broader category that encompasses any personal information, not just healthcare-related information.
Millin Technical Leadership
Leadership Roles
-
Chief Technology Officer (CTO) (Acting) - James Barrett - Vice-President of Engineering
Overarching responsibility for technology strategy, security, and system architecture.
[Job Description]
JBarrett@millinmedical.com
-
Chief Information Security Officer (CISO) (Acting) - James Barrett - Vice-President of Engineering
Oversees all aspects of information security, compliance, and risk management.
[Job Description]
JBarrett@millinmedical.com
-
Chief Compliance Officer (CCO) (Acting) - James Barrett - Vice-President of Engineering
Ensures the organization complies with legal and regulatory requirements, including HIPAA and OHIP standards.
[Job Description]
JBarrett@millinmedical.com
-
Chief Operating Officer (COO) - Martina Malvoni
Manages day-to-day operations, including partnerships with EMR systems and operational workflows.
[Job Description]
mmalvoni@millinmedical.com
Technical Roles
-
IT Manager / Systems Administrator - James Barrett - Vice-President of Engineering
Responsible for maintaining internal systems, network security, and user access controls.
[Job Description]
JBarrett@millinmedical.com
-
Software Development Manager - Chris Beard
Oversees development teams, manages lifecycle management of proprietary and partner-integrated systems.
[Job Description]
CBeard@millinmedical.com
-
Data Architect - Gila Engel
Designs and maintains secure data storage solutions, especially for patient and billing data.
[Job Description]
gengel@millinmedical.com
-
DevOps Engineer - Chris Beard
Implements secure deployment pipelines, manages cloud resources, and enforces CI/CD practices.
[Job Description]
CBeard@millinmedical.com
-
Cybersecurity Analyst - James Barrett (Atmosera, Sandwire, Quzara - Cyber Torch)
Monitors for threats, performs vulnerability assessments, and ensures adherence to security best practices.
[Job Description]
JBarrett@millinmedical.com
-
Database Administrator (DBA) - James Barrett - Vice-President of Engineering
Manages databases, optimizes performance, and ensures data integrity and compliance with OHIP standards.
[Job Description]
JBarrett@millinmedical.com
-
Cloud Security Specialist - James Barrett (Atmosera)
Focuses on security measures for cloud-hosted environments and ensures alignment with compliance standards.
[Job Description]
JBarrett@millinmedical.com
-
Data Privacy Officer - Jim Wisz
Ensures patient and billing data privacy regulations are followed.
[Job Description]
jwisz@millinmedical.com
More information about Millin can be found at
www.millinmedical.com