Ensuring that the data processed by Tyro Health Online remains secure is of critical importance to us, and of the providers who use Tyro Health Online. Here are some measures you can take to increase the overall security of your account and data.

While not every staff member may need to log into Tyro Health Online, maintaining separate accounts for all the users that do is an essential security measure to ensure the security and privacy of your business data. By assigning individual accounts to each staff member, you enhance control and oversight, protecting sensitive information.

As per our pricing page, there are no fixed monthly fees, as all fees are transaction based, so there’s no cost to add staff members or accounts. The benefits to your business are clear:

Using separate accounts on the Tyro Health platform is an important measure to protect your business data. It ensures appropriate permission levels, reduces authentication complexity, and improves auditing and accountability.

If your Tyro Health account password is stolen, two factor authentication (2FA) protects your account by requiring a login attempt or password change to access another proof of identity - 2FA in Tyro Health Online relies on your password (one, something you know) and a code sent to your phone (two, something you have) - find out more.

This means adopting unique logins over a shared login(s) to access Tyro Health Online - separate logins per user helps to ensure that credentials remain private and that actions can be traced to Tyro Health accounts. Further, keep the number of Business Admins and Location Admins to as few as required as those roles have greater levels of access and permissions in Tyro Health Online - find out more.

Any application with access to your API key will have access to all of the information in that account. Keep your API keys as secure as your password and only provide them to systems you trust. Delete API keys when no longer required and if you're changing software providers, delete any old API credentials and generate new ones for your new system integration.

Be sure to remove login access or delete accounts for those that are no longer associated with your business. If needed, login access can be removed from accounts whilst retaining the profile for historical transaction reporting purposes. Make sure to include account deactivation as part of your staff off-boarding procedures and set periodic reminders to review all accounts and access permissions.

According to the Australian Cyber Security Centre “Use a password manager to create and manage passwords. If you have multiple accounts with different passwords or passphrases, a password manager can help control them for you. A password manager is an application or program that stores passwords or passphrases for all of your accounts. With a password manager, you only need to remember one master password."

Tyro Health staff will never ask for your passwords, so keep them secure. Any SMS or email that requests these details should be treated as a phishing attempt.

If you have any questions, click on the pink chat bubble on our website or email our Customer Support team.