CognisantMD is a software company based in Toronto, Ontario. Our Ocean software is used across Canada by over 25,000 healthcare providers to connect with over 10,000 patients daily. The Ocean Platform is used by numerous Public Health organizations, the Ontario Ministry of Health, and leading teaching hospitals.
Ocean is designed to help make healthcare better and easier for patients. With Ocean, you can be sure your patient information is always kept private and secure, using the most advanced technology available. For example, when you interact with Ocean to complete a form on a tablet in the waiting room or through a secure email, your responses are encrypted from end-to-end, then transmitted directly into your patient record at the health care provider’s office. This eliminates the need for your clinic to print and mail out forms and transcribe your responses while giving you an easier way to contribute to your own record.
How to Use Ocean
- Go to your healthcare provider’s online booking portal.
- Enter your first and last name, date of birth, and health number.
- Pick the provider you want to see.
- Pick your appointment type, answer additional questions, and complete forms (if applicable).
- Pick a date and time for the appointment.
- Check your email to make sure it’s spelled correctly and book your appointment!
You will receive a confirmation email with your appointment details. If you need to cancel or reschedule, you can use the link provided in the confirmation email.
- Open and read the email from your healthcare provider.
- If they include any personal health information or need you to complete forms, there will be a blue secure weblink in the body of the message. Click on the link to take you to the secure message and forms in the web browser.
- To access your secure session, enter your date of birth. Depending on the provider, there may be additional security questions to validate your identity.
- Read over the secure message and check the box labelled “I have received this message” to confirm you’ve read the message. If there were any attachments, download the files via the grey “download” button attached to the secure message.
- Click “Next” to move on to your forms. If there are no forms, you can close the window.
Once your forms are complete, your responses will be automatically sent into your patient record for the provider to review.
Before attempting to send pictures, files, and other personal health information (PHI), check with your clinic to see what options they’ve made available for you.
While the Ocean Platform allows patients to respond to a secure message and/or send photos and documents, these features are optional and fully controlled by your healthcare provider. If your healthcare provider is using Ocean for secure file transfer, please follow these steps:
- Go to your healthcare provider’s file uploader.
- Enter your first and last name, date of birth, and health number.
- Click the checkbox labelled “I would like to include an attachment with this message.”
- Click the “Add Attachments” button to select one or more files. Hit “Finish” once you’re done.
Do not email personal health information (PHI), including photos and documents, to CognisantMD directly. Our email address does not belong to your healthcare provider and we are unable to assist with individual patient requests.
Note: Ocean accepts attachments with a size limit of 10MB per file and up to 50MB total for all attachments. There is also a limitation on certain file types (.jpg, .jpeg, .png, .tiff, .tif, .mp3, .mp4, .txt, .pdf). If you upload a file type that is not supported or that is too large, you will receive an inappropriate size or type error message.
Security & Privacy
CognisantMD provides software solutions designed to support secure and private communication between patients, healthcare providers, and researchers. As a trusted technology provider to health information custodians, we are committed to the most stringent approaches to data security and privacy and full compliance with PHIPA regulations.
The Ocean Platform was built from the ground up to ensure patient health data is kept private and secure, using client-side patient encryption technology. All patient data sent to and stored within Ocean is encrypted end-to-end using the industry-standard 256-bit AES, the same technology used for online banking.
To further guard against any possible breach of personal health information on our Ocean servers, patient data is encrypted using a private key, created by and known only by health clinic administrators. Since encryption keys are kept private and stored locally within each individual clinic, no agent outside of the clinic can ever decrypt or read private patient information. This ensures that even the most trusted staff and technical team members at CognisantMD are completely unable to read patient charts or any private health information.
No. As noted above, CognisantMD is committed to keeping patient data secure using the most stringent approaches to data security and privacy. Furthermore, since all data is fully encrypted, CognisantMD cannot access personal health information in a readable format. In this encrypted state, data is meaningless and can not be commoditized or sold to a third party, including the parent company of Ocean by CognisantMD, WELL Health Inc.
Ocean by CognisantMD is not an Electronic Medical Record (EMR) system and not designed to act as a long-term repository of health information. All patient data is stored in encrypted form only for a limited time in order to support patient care. During that time period, only healthcare providers with a secure login and access to the clinic’s unique encryption key can access decrypted patient health information residing in Ocean. Once patient data has been successfully downloaded to the patient chart in the clinic’s EMR, it is routinely deleted from the Ocean Platform. All Ocean data, including client-side encrypted PHI, is stored in our primary storage facility located in Montreal, with additional copies of the data kept in a warm failover disaster recovery facility in Toronto.
Traditional email communication comes with a lot of privacy risks – emails and their contents can easily be forwarded without your knowledge, messages may be sent to the wrong address, and more. To combat some of these risks, we ask you to confirm your identity through a quick validation process to make sure you are the correct and intended recipient. By default, we will always ask for a birth date because it is an easy piece of information for you to remember. We then use that birth date to check against your patient record to ensure there is a match. Only then will you be able to see the contents of the message.
In some cases, your health care provider might ask for additional information. This can include your health number, your patient record number, or a pre-determined access word that you and your provider agreed upon. Just to be clear, Ocean does not collect or use your birth date or other PHI when we run the validation checks.
Depending on your healthcare provider’s settings, messages may be delivered from their clinic email address or “firstname.lastname@example.org.” The contents of the message can vary from provider to provider, but for the most part they will look the same. Please take a look at some examples below.
As an additional security measure after you click on the link, look for a “lock” symbol in your web address bar. This means the site is safe and there is a private connection. These security settings can vary depending on the browser you use so it’s always a good idea to understand how your browser identifies safe and unsafe websites.
FAQs & Troubleshooting
If your healthcare provider wants to use Ocean to communicate with you, they will need to collect your email address and obtain email consent before sending any messages. If you provide email consent, you may receive an email from Ocean at CognisantMD on behalf of your healthcare provider for the following reasons:
- To confirm and remind you of an upcoming appointment
- To ask you to complete forms before or after an appointment
- To share test results or other information regarding your health
- To provide information about a secure electronic referral (eReferral) for specialist services
If you believe you should not be receiving these types of emails, please contact your healthcare provider directly.
If you are a patient, please do not send personal health information directly to Ocean. Our email address does not belong to your healthcare provider and due to privacy restrictions designed to protect you, we are unable to help with any requests.
If you booked your appointment online using Ocean, you may be able to cancel your appointment through the confirmation email. Please keep in mind that your healthcare provider sets their own cancellation policies. When in doubt, it’s always best to reach out to the clinic directly.
If your appointment was booked by the clinic, you will need to contact them directly to cancel your appointment.
As a reminder, your appointments are not booked with us; we are just the technology platform that your healthcare provider uses to communicate with you.
The Ocean Platform allows patients to respond to a secure message and/or send photos and documents, but these features are optional and fully controlled by your healthcare provider. It is always best to check with your clinic to see what options are available to you.
It may be helpful to know that Ocean’s online booking system requires a perfect match between the name, birth date, and health card number in order to proceed with a booking. If there is a discrepancy between the information in your health record and what you enter on the booking form, you will be prevented from continuing with a booking. We recommend double-checking spelling and your health card number when attempting to book.
If you are still unable to book online, please ask your healthcare provider to review the information that they have on file for you.