Yes, CognisantMD has completed or participated in the following privacy/security audits for Ocean:
- CognisantMD Privacy Impact Assessment (PIA), audited by MNP (revised Nov 2020; see attached)
- Threat Risk Assessment (TRA) by MNP (revised to incorporate Cloud Connect (October 2018; see attached*).
- Privacy/Security Assessment by Shoppers Drug Mart (April 2018)
- Privacy/Security Assessment by TELUS (Sept 2016)
- Threat Risk Assessment (TRA) by MNP (May 2016; summary available by request).
- Assessment by Sunnybrook Health Sciences Centre (April 2014)
- Assessment by St. Michael's Hospital (July 2013)
Note that this is not an exhaustive list; other healthcare organizations have done assessments in which we have either not been be directly involved or have been asked not to disclose.
* As per industry best practice, we do not publish or send full TRA documents electronically. The TRA documents published here are summaries prepared by MNP expressly designed to provide sufficient information to stakeholders without disclosing specific recommendations. Stakeholders who have a legitimate need to review the full TRA document may do so on site in our Toronto office after signing a non-disclosure agreement.