Effective beginning January 12, 2021
What Data Does 7D Collect?
This refers to:
• Preoperative imaging data (currently CT or MR) generated by external imaging modalities and imported onto the system using removable media or via network;* and
• Intraoperative imaging data produced by 7D Surgical System during clinical workflows.
This type of data (also referred to as session logs) is collected during clinical workflows and includes information that can be used to re-play clinical sessions at later times, which can be used for complaint investigation or research purposes when appropriate data transfer agreements are in place.**
The system also allows users to save screen captures during clinical workflows, which can be exported by the user for future reference.
System Diagnostics Data
This includes various system application logs that record low-level technical information about system’s functionality and performance.
Audit Trail Data
Audit trail data captures information pertaining to system and patient data access. This data enables hospital IT personnel to view patient data access history.
* The imported imaging data is saved on the system in the original (DICOM) format.
**System session logs are fully anonymized and encrypted even when exported from the system.
What Data Security Processes Does 7D Implement?
• The system’s computer (including the internal storage device) is enclosed inside the system cart that is equipped with a physical lock.
• The system computer’s hardware interfaces are not accessible to the user (with the exception of interfaces that are required to support clinical workflows which are exposed via the system cart’s front panel only).
• System users are not able to boot the system computer from any external bootable source.
• The system requires password-based user authentication before system applications (and system data) can be accessed.
• System users are not able to install, execute, or access any software that is not part of the clinical workflow.
• System users are not able to access stored system data directly.
• The system does not allow system users to access Internet.
• The system is equipped with a firewall software that blocks any unintended network communication.
• The system is equipped with artificial intelligence model-based antivirus software.
• The system does not allow export of Patient Data.
• Session Data and System Diagnostics Data can be accessed by authorized 7D Surgical personnel only.***
• All 7D Surgical employees are trained on 7D Surgical HIPAA Policy.
• The system data is store in a hard drive that is encrypted at rest.
• Audit Trail Data is accessible to authorized 7D Surgical and hospital personnel only.
***Session Data and System Diagnostics Data can only be accessed with the formal consent from the system owner.