If you are a medical practice such as a doctor's or dentist's office and your medical software is "in the cloud," are you protected and in HIPAA compliance? The answer is no, for a variety of reasons, and I will cover some of the top points in this article.
First, have you asked some basic questions about the hosting provider to make sure your patient records are as secure as they say they are? Where is their data center: is it in the US and under their control, or is it offshore? Do they even have a secure data center, or is their server hosted in the basement of their office? Do they have encryption in place to protect against the many forms of theft that can take place, both physical and digital?
Assuming your medical software is hosted by a HIPAA-compliant company, there are still many safeguards you have to put in place to make sure your patient records stay safe and secure.
Imagine there is no password-protected screensaver on your computers. If a patient record is left open, anyone walking by can tap the keyboard and look at it, which would be considered a violation of patient privacy.
If you have Wi-Fi at your office for people in the waiting room to use, have you made sure the guest Wi-Fi can't see your internal network? You can check this simply by connecting a PC to the guest Wi-Fi and browsing the network to see if it discovers any local computers. If you can see your office computers, you need to isolate the guest access as soon as possible.
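The same guest Wi-Fi check can be scripted. The following is an added example, not part of the original article: run it from a laptop connected to the guest Wi-Fi, and it reports which of your own office PCs answer on common file-sharing and remote-desktop ports. The addresses and the port list are assumptions to replace with your own.

```python
import socket

# Services that office PCs and servers commonly expose on the internal network.
# This port list is an assumption; adjust it to what your office actually runs.
DEFAULT_PORTS = {
    139: "NetBIOS",
    445: "Windows file sharing (SMB)",
    3389: "Remote Desktop",
}


def is_reachable(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds from this machine."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, or no route: not reachable
        return False


def check_guest_isolation(office_hosts, ports=DEFAULT_PORTS, timeout=1.0):
    """Return (host, port, service) for every office service visible from here.

    Run while connected to the guest Wi-Fi. Any entry in the result means
    the guest network can reach an internal computer.
    """
    exposed = []
    for host in office_hosts:
        for port, service in ports.items():
            if is_reachable(host, port, timeout):
                exposed.append((host, port, service))
    return exposed


if __name__ == "__main__":
    # Constructed placeholder addresses: replace with your own office PCs.
    office_hosts = ["192.168.1.10", "192.168.1.20"]
    findings = check_guest_isolation(office_hosts)
    if findings:
        print("Guest Wi-Fi is NOT isolated. Reachable office services:")
        for host, port, service in findings:
            print(f"  {host} port {port} ({service})")
    else:
        print("No office services reachable on the tested ports.")
```

An empty result only shows that the tested ports did not answer, since a firewall on the PC itself can hide it. Also confirm that guest or client isolation is enabled in the router or access point settings.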
These are just a few of the many issues a small medical practice faces in making sure its business stays ahead of the curve. If you need a New York IT company to help you with healthcare compliance, please contact us for a free consultation or call (212) 858-9022.