How Secure Is Your Office Data?
Privacy concerns make data security a
requirement for medical practices. Protecting your patient and business
information includes periodically checking the security of your electronic
and non-electronic records.
Electronic Data
Safeguarding information stored on your office systems and handheld
electronic devices depends on utilizing their built-in protective features.
Therefore, confirm that physicians and staff consistently use:
-
Unique user IDs and passwords for all computers
-
Encryption and passwords for all laptops and add-on memory
-
Automatic locking for all temporarily idle computers
Also,
keep both operating systems and anti-spyware software updated.
Paper Records
A typical medical office generates a large volume of physical data,
including charts and other paper patient records, that needs to be protected
against unauthorized viewing as well as loss. Limiting access to the chart
storage area during office hours is basic. But are charts also piled on
desks before updating or filing? And, if physicians or others remove charts
from the office, is there a record of the removal, and are the charts still
being safeguarded?
Most likely, your office handles many reports and other documents each day that include patient information. Preventing unauthorized viewing calls for shredding any such items that are not filed rather than adding them to the general trash.
Securing your offices at closing creates a corresponding need to limit key and alarm code access—and to change both promptly if a key is lost or someone with access leaves the practice.
Protection of your data will not be complete unless you also create and distribute written security standards that each member of your practice is expected to follow.
Please contact a member of our Health Care Team if you would like to discuss this topic further.
Health Care Commentaries is
provided by Somerset’s
Health Care Team
for our clients and other interested persons upon request. Since
technical information is presented in generalized fashion, no final
conclusion on these topics should be made without further review. For
additional information on the issues discussed, please contact a member
of our Health Care Team. This
document is not intended or written to be used, and cannot be used, for
the purpose of avoiding tax penalties that may be imposed on the
taxpayer.
Somerset CPAs,
P.C.
3925 River Crossing Parkway, Third Floor
Indianapolis, Indiana 46240
317.472.2200 • 800.469.7206 • FAX 317.208.1200
http://healthcare.somersetcpas.com
.jpg)