Protect Your EMR Data
How to protect your electronic medical records and stay off the HHS “wall of shame”
According to the Department of Health and Human Services, nearly 7.9M health records have been exposed, with theft reported as the number one reason for breached data. Lost electronic or paper records, as well as improper disposal, unauthorized access or use, and human error, are now starting to play greater roles. What is worse is that the trend is growing.
While it is impossible to prevent every type of security breach, it is possible to ensure IT security directives and electronic data confidentiality laws are upheld at all times and with all data sources. Here are a few tips from our medical IT experts for things you can do to help keep your data safe:
- Make sure passwords (for servers and user logins) meet the complexity requirements for HIPAA. Don’t use the standard "password" or "staff" or "office" passwords that everyone uses just to make it easy. Also ensure that your EHR is programmed to be HIPAA compliant (account lockout after failed logins, password complexity requirements, unique logins per user, automatic logout after inactivity).
- Remote access is convenient, but if not done correctly it can be dangerous and put your practice’s medical data in jeopardy. Using secure VPNs is the best way to make sure your files are safe. Have your firewall evaluated by an IT professional to guarantee it is secure.
- Make sure your data is always encrypted and your wireless system has been evaluated by an IT professional to ensure compliance and overall security.
- If using tape drive backups, thumb drives, or external hard drives for backups, do not leave them out within reach of patients, cleaning crews, etc. They need to be locked up when not in use. Backing up offsite would also eliminate this concern.
- Install and monitor antivirus software on all systems.
- Ensure that your practice is up-to-date with HIPAA’s security and privacy rules by conducting a risk assessment.
Proven Backup helps healthcare providers to establish and implement procedures to create and maintain retrievable exact copies of EMR/EHR patient data. But unlike other backup providers, Proven Backup has a dedicated HIPAA/HITECH Compliance Officer who has an in-depth understanding of HIPAA/HITECH regulations and collaborates with various departments to develop and offer IT Risk Assessments. Contact us to learn how we can help keep you off the “wall of shame”.