Confidentiality and Security

Whether diskettes, USB flash drives, or testing online, when you use the products of Behavior Data Systems, Ltd. (BDS) or its subsidiaries, Risk & Needs Assessment, Inc. (Risk & Needs) or Professional Online Testing Solutions, Inc. (, you can rest assured, knowing that your client's (patient's, offender's) privacy and confidentiality are safe. Any, identifying information (name, ID numbers, etc.) is encrypted, before being stored in our database. A secure algorithm, built into the test program software, unencrypts this information, before displaying it to you over the web. This ensures that only you can access the data and reports for your clients. This encryption method is HIPAA (Federal Regulation 45 C.F.R. 164.501) compliant.

Online-Testing users are encouraged to delete client names, when their assessment process is completed. The proprietary, name deletion procedure involves a few keystrokes. Once names are deleted, they are gone and cannot be retrieved. Deleting names does not delete demographics or test data, which are downloaded into the test's database, for subsequent analysis. The name deletion procedure insures confidentiality and full compliance with HIPAA (Federal Regulation 45 C.F.R. 164.501) requirements.


The "Delete Client Name" option is provided in the "Supervisor Options" section, of a test's online webpage. To delete the client's name, log in and navigate to the test that the client has taken. On that test's main menu, click on that client's name and, then, click the "Supervisor Options" button. On the Supervisor Options page, click on the "Delete Client Name" button and, then, click the "Continue" button. When this step is completed, the test report will no longer exist, or be available for review, or printing.

This software feature is provided by BDS, Risk & Needs and Online-Testing, at no additional cost, to ensure its customers' "client confidentiality." It is the test user's responsibility to delete the client's name, thereby, insuring that they are HIPAA (Federal Regulation 45 C.F.R 164.501) compliant.

Before a test record is stored in our database, any identifying information (name, ID number, etc.) is encrypted. Thus, all identifying information in the database is unintelligible to anyone. A secure algorithm, built into the Online Testing software, unencrypts this information, before displaying it to a client (test user) over the Internet. This insures that only the person, who entered the data, can access the names and reports for their clients.

In addition, at any time, clients (test users) have the option of taking an additional encryption step that renders all information irretrievable. We recommend that all clients (test users) perform this step as soon as they can.

If you have questions, or would like more information, contact us at, or 1 (800) 231-2401.