ONE Mail is an encrypted email service that lets registered health care professionals share patient information quickly, confidently and securely. ONE Mail is being used by pharmacies, hospitals, community care access centres, long term care facilities, addiction and mental health clinics and the broader community care sector across Ontario.
ONE Mail Partnered
ONE Mail Partnered Allows subscribers to use their existing email system to exchange email messages with other health care professionals.
ONE Mail Direct
A comprehensive email service hosted in our highly secure environment for eligible health care organizations requiring e-mail accounts.
Benefits of ONE Mail
- Secure email exchange of personal health information
- A searchable directory of all other ONE Mail users
- Built-in anti-virus and anti-spam filters
- Automatic encryption of email communications
- Reliable, scalable, highly available service
- Policies and processes in place to ensure only authorized people can access ONE Mail
- ONE mail users go through a rigorous identification process (assurance that contacts are who they say they are)
- Free implementation to Ontario health care providers
- Assistance with installation and set-up
- Training documentation provided to guide end users in the secure use of ONE Mail
Sign Up For ONE Mail
Interested in signing up for your own individual ONE Mail Direct account, and have a CPSO number, please reach out to us at firstname.lastname@example.org.
ONE ID clients vary widely and include clinicians such as physicians, nurses and dentists. The service is used by health care providers to access secure information on public health, oral health and Ontario drug benefit program.
ONE ID is an identity and access management system. It ensures that only health care professionals and their staff have access to personal health information. In addition to safeguards that apply to all eHealth Ontario products and services, ONE ID features the following:
- All registrants must be sponsored by organizations to which they require enrolment. The sponsors are responsible for identifying a registrant’s service entitlement
- We use registration authorities (RAs) and local registration authorities (LRAs) who are trained to handle personal registration information securely. Our processes and systems transport, store and process this information securely. RAs or LRAs are responsible for identifying and authorizing registrants.
- All RAs and LRAs receive refresher training to remind them of their responsibilities when handling sensitive information
- Registration has different levels of identity validation or assurance levels. We work with application owners to determine the level of assurance needed. Individuals registered at the medium level of assurance must present, in person, two pieces of valid ID, one of which must include a photo
eHealth Ontario Practices
- We have a certification practices statement (CPS) that describes the practices followed by our certification authority when issuing public key infrastructure certificates and keys. We conduct privacy and security assessments to ensure that the collection, storage, use and disclosure of personal identity information related to registration comply with legislative and privacy protection requirements
- Users must follow strong password composition rules
- Registrants set up two challenge questions that help desk staff can see to verify their identity over the telephone if they forget or lose their password. Challenge questions are questions to which only the registrant knows the answer, allowing their identity to be verified without divulging the password. Online verification of challenge question is also available. The online challenge questions are not visible to help desk staff and used for online password recovery
- Users must agree to follow our acceptable use policy
- Clients are responsible for training their users to protect privacy and security when using eHealth Ontario products