Programs
and services
Discharge Summary
Find out more
If you are interested in learning more about our programs,
complete our online information request form.
For information on
ONE Network & ONE Mail
1-866-250–1554
servicedesk@ehealthontario.on.ca
ONE® ID
The ONE ID identity and access management service is a set of systems and processes that enables health care providers to access ehealth services, and is a key element in making those services trusted and secure.
ONE ID Direct
ONE ID Direct helps ensure that only registrants who need secure and reliable access to personal health information have access to it. The robust identity validation process uses a person’s real-world identity to create a digital identity, which is then used to authenticate a person’s access to an application.
ONE ID Direct leverages staff in a health care organization or association to ensure that eHealth Ontario processes are followed in the registration and validation of application users.
ONE ID Partnered
ONE ID Partnered allows a health care organization to use its own processes and systems to register and validate users.
Benefits:
- ONE ID Direct allows eHealth application service owners to provide access to their services in a highly secure, controlled and efficient manner.
- The ONE ID sponsorship framework identifies eligible health care providers for access to eHealth services.
- ONE ID’s enhanced privacy and security safeguards help protect patient and registrant information.
- ONE ID allows use of the same digital identity to access multiple eHealth services hosted by eHealth Ontario, thereby reducing the numbers of IDs and passwords a user must manage and remember.
Product Sheet
View printable product sheet for details and service level commitments.
PKI Certification Manual
ONE ID uses the eHealth Ontario Public Key Infrastructure. Click to read.
ONE ID Clients
| All Community Care Access Centres (CCACs) | use it to access hosted applications for financial, administrative and patient care needs |
| Users of the www.PublicHealthOntario.ca and www.eHealthOntario.ca Portals | access secure content using ONE ID |
| Physician users of www.OntarioMD.ca | access information, ONE Mail accounts and the electronic medical record system we host |
| Public Health Workers | use it to access the Integrated Public Health Information System for outbreak management |
| Public Health Nurses | access the Integrated Services for Children Information System for the Healthy Babies, Healthy Children Program which meets the needs of the 130,000 newborns and their families every year |
| Hospital Emergency Department Staff | use it to access patients’ Ontario Drug Benefit information from a Ministry of Health and Long-Term Care application we host |
ONE ID Security Features
ONE ID is an identity and access management system that ensures only health care professionals and their staff have secure and reliable access to personal health information. In addition to safeguards which apply to all eHealth Ontario products and services, ONE ID has the following additional safeguards:
Registration
- All registrants must be sponsored by organizations to which they require enrolment. The sponsors are responsible for identifying a registrant’s service entitlement
- We use Registration Authorities (RAs) and Local Registration Authorities (LRAs) who are trained to handle personal registration information securely. Our processes and systems transport, store and process this information securely. RAs or LRAs are responsible for identifying and authorizing registrants
- All RAs and LRAs receive refresher training to remind them of their responsibilities when handling sensitive information
- Registration has different levels of identity validation or assurance levels. We work with application owners to determine the level of assurance needed. Individuals registered at the medium level of assurance must present – in person – two pieces of valid, acceptable ID, one of which must include a photo
eHealth Ontario Practices
- We have a Certification Practices Statement (CPS) that describes the practices followed by our Certification Authority when issuing Public Key Infrastructure certificates and keys. The CPS supports the Certificate Policy which addresses certification policies and procedural controls for certificates and keys
- We conduct privacy and security assessments to ensure that the collection, storage, use and disclosure of personal identity information related to registration complies with legislative and privacy protection requirements
User Responsibility
- Users must follow strong password composition rules
- Registrants set up two shared secrets that Help Desk staff can see to verify their identity over the telephone if they forget or lose their password. Shared secrets are questions to which only the registrant knows the answer, allowing their identity to be verified without divulging the password. Online verification of shared secrets is available where appropriate
- Users must agree to follow our Acceptable Use Policy
Client Responsibility
Clients are responsible for training their users to protect privacy and security when using eHealth Ontario products.