How to Prevent Security Breaches in Your EHR Software

Last week, we talked about keeping your data secure in a client-server system, and we thought that cloud-based EHR software would be a better and safer solution for your practice. This week, we chanced upon a blog post by Power Your Practice about preventing security breaches that we wanted to share.

The post mentioned an alarming fact: data breaches may not even be caused by advanced hacking techniques, but by avoidable employee blunders. We thought that this was a helpful post no matter what kind of EHR software you are using, and a lot of the tips that may seem like common knowledge are not actually practiced.

Best Practices to Prevent Security Breaches in Your EHR Software

We’ve combined some of Power Your Practice’s precautions along with ours. Check them out:

  • Provide up-to-date HIPAA training to all your staff.
  • Minimize the chances of others overhearing patient information by not using a patient’s whole name within hearing distance of others.
  • Secure all paperwork containing patient and health data by placing it in a drawer or folder when not in use. Cover charts so patient names are not visible, and as a general rule of thumb, never leave records unattended.
  • Close computer programs containing patient information when not in use. Practice management and EHR software with automatic time-out settings can be very helpful in case you forget.
  • Back up systems that contain patient data. Storing your data in a HIPAA-compliant cloud-based system is safer than using a client-server system or paper documents. Most cloud service providers back up their data in at least three places, but for extra security, you could request backup storage in your practice.
  • See if your practice management and EHR system gives you control of user access to different levels of information. This prevents employees from accidentally changing or seeing information that does not pertain to their specific duties, such as not allowing certain staff access to billing information.
  • Implement password best practices:
      - Ban the sharing of passwords between staff members.
      - Reusing passwords makes you an easy target for multiple account hacks, so make sure that you use different passwords for each account.
      - Change your password every 30-90 days.
      - Passwords should not be words that can be found in the dictionary. Dictionary words allow hackers to easily run a dictionary program to find a matching word.
  • Shred paper files. You can hire a company to shred documents for you instead of wasting an entire day shredding documents, especially if you are making a switch from paper to electronic records.

Keeping your patients' data secure should be your practice's top priority, and it also makes sure that you are following the law! Practice management and EHR software is a really big part of managing your practice, but you can also take full advantage of it to help keep your patient data secure.

For more tips like these, check out one of our favorite blogs, Power Your Practice, or subscribe to our blog for more resources!

