3 Things You Must Do for IT Security

Would you leave your front door unlocked?  

Of course, the answer is “no” – so why is your electronic health information left unlocked?

As healthcare providers put more and more protected health information (“PHI”) on their computer networks and in electronic medical records (“EMR”), they must take protecting their computer devices and networks as seriously as they take protecting their physical practice.

As technology has progressed, many healthcare providers–and individuals in general–have taken a lackadaisical approach to protecting their electronic devices.  In addition to risking general loss of data and reputational harm, healthcare providers are also risking criminal and civil penalties imposed by the government in the event of a breach of unsecured PHI.

As a result, healthcare providers need to be proactive and implement the proper security and privacy controls.

There are numerous privacy and security measures that should be implemented for electronic and non-electronic PHI (Article).

We are highlighting three (3) must-haves:

1.  Inappropriate Access:  While paper records can be secured in a locked drawer or room, electronic PHI requires appropriate safeguards: limiting which employees can access certain categories of PHI, ensuring that workstations automatically log off after a certain period of time, and requiring users to log off if they leave their designated workstation.

2.  Record Modifications:  While paper records can be altered by anyone that gains access to the chart and inputs new information, electronic PHI may be altered if a user’s rights are not restricted within the software.  For example, “users with data modification privileges can generally add, delete, or modify data or entire records.  Data can also be tampered with by directly accessing the files stored on the EHR servers using a server account rather than an EHR user account.”

3.  Data Loss:  Paper records can deteriorate over time or be destroyed in a natural disaster (fire, tornado, flood, etc.).  Electronic records can be as well, but they are also more prone to immediate destruction via a broken hard drive, hacker, or malicious software.  Healthcare providers need to ensure that they have proper backups to protect all PHI.
