How to Prevent Security Breaches in Your EHR Software

Last week, we talked about keeping your data secure in a client-server system, and we thought that a cloud-based EHR software would be a better and safer solution for your practice. This week, we chanced upon a blog post by Power Your Practice about preventing security breaches that we wanted to share.

The post mentioned an alarming fact: data breaches may not even be caused by advanced hacking techniques, but by avoidable employee blunders. We thought that this was a helpful post no matter the kind of EHR software that you are using, and a lot of the tips that may seem like common knowledge are not actually practiced.

Best Practices to Prevent Security Breaches in Your EHR Software

We’ve combined some of Power Your Practice’s precautions along with ours. Check them out:

  • Provide up-to-date HIPAA training to all your staff.
  • Minimize the chances of others overhearing patient information by not using a patient’s whole name within hearing distance of others.
  • Secure all paperwork containing patient and health data by placing it in a drawer or folder when not in use. Cover charts so patient names are not visible and, as a general rule of thumb, never leave records unattended.
  • Close computer programs containing patient information when not in use. Practice management and EHR software with automatic time-out settings can be very helpful in case you forget.
  • Back up systems that contain patient data. Storing your data in a HIPAA compliant cloud-based system is safer than using a client-server or paper documents. Most cloud service providers back up their data in at least three places, but for extra security, you could request a backup storage in your practice.
  • See if your practice management and EHR system gives you control of user access to different levels of information. This prevents employees from accidentally changing or seeing information that does not pertain to their specific duties, such as not allowing certain staff access to billing information.
  • Implement password best practices:
      - Ban the sharing of passwords between staff members.
      - Reusing passwords makes you an easy target for multiple account hacks, so make sure that you use different passwords for each account.
      - Change your password every 30-90 days.
      - Passwords should not be words that can be found in the dictionary. Dictionary words allow hackers to easily run a dictionary program to find a matching word.
  • Shred paper files. You can hire a company to shred documents for you instead of wasting an entire day shredding documents, especially if you are making a switch from paper to electronic records.

Keeping your patients' data secure should be your practice's top priority, and it also makes sure that you are following the law! Practice management and EHR software is a really big part of managing your practice, but you can also take full advantage of it to help keep your patient data secure.

For more tips like these, check out one of our favorite blogs, Power Your Practice, or subscribe to our blog for more resources!
