10 Ways To Lock Down EHRs
Establish a governance framework that defines roles, responsibilities, policies, procedures, and accountability.
1. Establish a governance framework that defines roles, responsibilities, policies, procedures, and accountability.
2. Use hardened terminals hosted on a trusted network, and continually scan them for viruses and malware.
More Healthcare Insights
- Automating Hospital Workflows That Maximize Efficiency And Patient Satisfaction
- How Healthcare Payers are using Customer Communications to Improve Productivity and Effectiveness
White PapersMore >>
3. Limit employee access to data needed for their jobs, provide unique access credentials, and use electronic signatures.
4. Locate PCs and other access devices in secure places. Use an inventory system to track mobile devices, encrypt all content, and have a policy for retiring devices.
5. Use data-loss prevention tools, have auditable logs on traffic and downloads, and monitor these.
6. Have business associate agreements with strict rules regarding use and disclosure of personal information.
7. Encrypt all EHR data during transport; filter all communications for sensitive data.
8. Make sure data shared with researchers is anonymized or scrubbed.
9. Have a backup and recovery plan that includes security considerations.
10. Know the rules for retiring data, and make sure it's being completely erased from hard drives and formatted disks.