About Imunis and Your Data
What is Imunis?
Imunis is a digital vaccine data platform co-created and developed by a team of patients, Central Health doctors, and experienced technology developers.
Using both digital and medical international best practices to ensure all features are aligned with patients’ best interest, Imunis aims to ensure that verified copies of vaccine records are available to patients, remain under their and their medical providers’ control, and are shared only with patient consent. Imunis has been designed to allow patients to keep a single, digital record of all the vaccines they take across their lifetime, and to help keep patients on track with the latest official vaccination recommendations.
By digitizing and consolidating this information, Imunis aims to reduce the burden of vaccine-preventable disease, while reducing the time and cost involved in recording, tracking and sharing vaccination information.
Imunis is currently piloting with Central Health medical practice, in Hong Kong, to capture user feedback and test the real-world benefits of the platform.
How does Imunis work?
Imunis interprets the vaccine records held with your connected health providers, and also digitises the recommendations issued by official government entities in different jurisdictions. It allows you to store your records and also provides a personal vaccination status which takes into account the number and timing of doses relevant to different age groups. It bases your status on the records you hold on the app.
Currently, you may scan Covid-19 records issued by the Hong Kong SAR, NHS Digital and EU Green Pass, and Imunis will digitally interpret them for you. You can also manually record your annual Influenza vaccinations. Records for all other diseases may be recorded by your health provider. Some health providers may allow you take existing paper records of vaccinations provided by other health organisations and digitise them for you. Others may provide digital copies of records issued by their own staff only. Imunis currently references the official recommendations of Hong Kong, and can provide a digital status across Covid-19, Influenza, Measles, Tuberculosis and HPV.
How can I connect?
Healthcare providers may offer their patients (registered patients over the age of 18 years) access to the Imunis app. Clinic staff will invite patients to connect via an email issued by the patient’s doctor or nurse, from the Imunis platform. Once the patient has completed a consent and verification process within the app, any vaccinations taken with the connected healthcare provider will be digitally recorded and shared with the patient via the app.
The records of children under the age of 18 years may be shared with a parent or guardian, following a similar process to that outlined above. Both the child and the parent/guardian must be registered patients with the clinic for identification purposes.
Once onboarded, the patient may add Covid-19 records via QR code to the app for themselves or dependants, and manually add Influenza vaccine records, and these records will be visible at a summary level to the connected healthcare provider via the Imunis platform.
Records will only be shared between the patient and those healthcare organisations that the patient has consented to share with.
What if I don’t wish to take part?
If you receive an invitation to connect with Central Health via Imunis, you may either ignore the email (which will expire after a set period of time for security purposes), or reject the consent. In both cases, data will not be transferred to the app.
If you have previously accepted a connection and/or onboarded to Imunis, you may disconnect directly from the app, and/or you may ask Imunis to delete your profile and account, which will remove all data within 28 working days. Please note that this does not apply to your medical history and notes held with Central Health, which are stored securely and legally subject to data retention requirements.
If you decline an invitation for yourself, any child/dependant invitations will also automatically be declined. You may consent to join the platform for yourself, but decline or close down the option for the child/ren/dependants in your care.
Which data does Imunis collect and why?
The Imunis system only collects the data necessary to provide our service to you. We need to accurately identify you in order to share the correct records, and reference certain information which allows us to let you know which vaccinations are recommended, and when.
Name - to identify you/your dependant
Date of Birth - to identify you/your dependant and provide suitable vaccination schedule information
Clinic ID - the number a healthcare provider uses to identify you in their medical records systems. We may on occasions use this to identify you/your dependant and correctly release medical records.
Email address - to identify you/your dependant & communicate with you as needed to manage your account, including for identification and security purposes
Gender - to provide suitable vaccination schedule information
Personal ID data - you may choose to record this but it’s not mandatory. We allow the option because many ‘verifiers’ of vaccination records require this data point to be included, such as education establishments, visa processors etc.
Vaccination records, including type & date - to provide records to patients digitally and let the patient know which vaccinations may be recommended in the future
Who has access to your information?
You, the account holder of the Imunis app, and the professionals who have access to your medical records in the organisations you have chosen to connect with. We do not share your personal information with any 3rd party organisation for marketing or any other purposes.
How do we protect your information?
Imunis was founded by a patient and doctor team with a background in technology, and we design, build and operate around patient centricity. Our team has years of experience in high-risk, regulated industries, and we apply best practice methodology across our solution and organisation.
Some of the technical steps we take to protect your personal data include the following:
We use firewalls & data encryption at rest and in transit to protect our systems and your data
We use third party specialist services to test our systems, challenge our security and scan the environment for potential threats before issues arise
We systemise our development process and build checks and balances into our code development and operations to avoid human error and protect our technology and data from the inside
We ask that patients help us with data protection. Please ensure that you only share records through the sharing function with parties you trust. Please remember to apply good password security management, and treat printed/downloadable records with care.
If you have any further privacy-related questions, please contact us at firstname.lastname@example.org.