Do you know what your computer can and cannot do? Did you know that a lot of the computers sold today aren't capable of playing a lot of the most popular games as they should be played? There are several key elements that you must look for in a new computer if you plan to use it for gaming purposes. My blog will provide you with a list of things that you would do best to look for when considering a gaming computer purchase. You will also learn about the upgrades that you can do after the purchase to build a computer of your dreams.
According to the Health Insurance Portability and Accountability (HIPAA), medical practices must protect patients' data from unauthorized disclosure. HIPAA regulations apply to all patient data, including paper and digital records, and practice managers must carefully consider and mitigate the risk of illegal disclosure. Learn more about three common medical practice data risks, and find out what you need to do to safeguard against them.
Data exchanged on unsecured portable devices
If systems go offline or if staff members need to work across different machines, bad data habits can creep in. Administrative staff, doctors or nurses may decide to copy information from electronic records onto a separate portable hard drive or USB drive for ease of use when not online. Unfortunately, these devices aren't always secure, leaving any stored patient data vulnerable to unauthorized disclosure.
Make sure staff members understand the risk of transferring data in this way. Where it's necessary to share data, make sure people use encrypted devices that continue to protect the information stored. In fact, you should normally only allow staff members to use devices that the practice supplies and manages.
Suppliers and vendors are a common problem for medical practices. Unauthorized USB sticks commonly 'appear' in medical practices, thanks to over-zealous sales representatives who offer practice staff members free branded accessories to advertise their products. For some users, you may eventually decide to disable any USB port on a practice computer, so it simply isn't possible to transfer data to a secondary device.
Unauthorized access to sensitive data by registered users
Different staff members need access to patient records, but you cannot assume that everybody needs the same level of access. For example, the information an administrative clerk on the front desk needs will differ considerably from the detail that a surgeon or family doctor will need to see.
Your electronic health record system should allow segregated access, whereby you can control which users can see each type of patient information. Role-based access is a crucial part of data security. Your system provider can help you understand how to effectively implement this type of system.
What's more, you must regularly audit the system. You should delete users who no longer work at the practice. You should also make sure that you continue to strictly limit access to the most sensitive data in the system. An audit of system access should also show you who no longer needs to see the information. If somebody hasn't looked at the information in the last 12 months, you could confidently decide that they no longer need to have access.
Unauthorized data disclosure due to 'normal' user behavior
In a busy medical practice, it's easy to overlook the fact that you're working with sensitive patient information. As such, it's also necessary to make sure your training and systems protect people during the working day.
For example, your receptionist may leave his or her screen unlocked while answering a telephone call, without remembering that people at the desk can probably read information on the monitor. A simple way around this problem is to set the system up to lock the screen after a short period of inactivity. Staff members will need to enter their passwords to get back into the system, but this is a small price to pay to protect customers' data.
Similarly, staff members should never write down patients' personal details, even if they're trying to cope with a system outage. A name and a date of birth scribbled on a piece of paper may seem innocuous enough, but if anyone leaves these details lying around, your practice may breach HIPAA regulations. Regular training and communication are vital, plus you should make sure you have confidential waste bins for staff to get rid of notes and printed documents that show patients' personal details.
Practice managers must take every reasonable step to protect patient data. Carefully consider how practice employees use patient information, and make sure you have the right protective measures in place at all times. For more information, visit websites like http://www.stealthbits.com.
Share14 December 2015
