7.5 Easy Ways to Protect Your Clients’ PHI on a Computer and Stay Secure

Especially these days, keeping your clients’ confidential information secure is incredibly important. Thankfully, there are a lot of easy things you can do to make that happen. There’s no magic bullet that ensures 100% security, but here is a non-exhaustive list of 7.5 basic guidelines to help keep your computer and your clients’ confidential information safe.

1. Practice basic computer security.

The easiest way to keep your computer secure is to be careful when browsing the internet. Here are some quick browsing tips:

  • Don’t click on pop-ups, ads, or suspicious emails.
  • Never download an attachment unless you are expecting it. If you weren’t, confirm with the sender that it’s legitimate using a communications channel other than email.
  • Check links in unsolicited emails before you click them. Do this by hovering your mouse on them to make sure they go to a legit address.
  • Before logging into a website, confirm the URL is correct.
  • Only download software from trusted and verified sites.

You should also keep your computer and other software up to date by enabling automatic updates. Finally, because it bears repeating, always lock your computer when you’re leaving it unsupervised, and log out of any programs that have PHI.

2. Use antivirus (even if you have a Mac).

Practicing basic computer security is a good start, but you can’t be too careful. There are many free antivirus applications out there, and the paid ones have a very good return on investment.

To find the right antivirus software, we’d recommend starting by checking out AV-Test.org. It constantly tests and updates results for various paid and free antivirus software. You can also find helpful articles at Tom’s Guide and Macworld.

3. Use a passphrase instead of a password.

Relevant xkcd comic.

Having a weak password is one of the easiest ways for someone to hack into your computer. But, by using a passphrase, you can make that nearly impossible.

Passphrases are easy to remember and a lot harder to crack. Simply put a few unrelated words together that total at least eight (but preferably 16) characters, and you’re set!

You can read more about the benefits of using a passphrase here.

4. Use a password keeper instead of using the same passphrase over and over.

Passphrases are easy to remember, but these days we need dozens of them. At the same time, it’s important to use a different passphrase for every login you use. Otherwise, if someone finds your Facebook password, they could use it to get into your computer too!

The solution is to use a password management program like LastPass to generate and store passwords for you. It’s easy to create separate passwords for every website, and you don’t even have to remember them!

As an added benefit, a password keeper makes it easier to use completely random passwords, giving you even more security.

You can find a list of password managers here.
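An added example (not from the original post) covering tips 3 and 4: it picks passphrase words and password characters with the operating system's random source and compares how hard each is to guess, measured in bits. The 16-word list is constructed to keep the code self-contained; 7,776 is the size of a diceware-style word list, which is what real use calls for.

```python
import math
import secrets
import string

# Constructed 16-word list so the example runs offline. Real use needs a list
# with thousands of words (diceware-style lists have 7,776).
WORDS = ("anchor biscuit canyon dolphin ember fiddle glacier hammock "
         "igloo jigsaw kettle lantern meadow nutmeg orchid pebble").split()
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

def make_passphrase(words=WORDS, count=4, sep=" "):
    """Pick each word independently and at random (tip 3)."""
    return sep.join(secrets.choice(words) for _ in range(count))

def make_password(length=16, alphabet=ALPHABET):
    """Fully random password of the kind a password keeper generates (tip 4)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def entropy_bits(choices, picks):
    """Guessing difficulty in bits when every pick is uniform and independent."""
    return picks * math.log2(choices)

def words_needed(list_size, target_bits):
    """Fewest random words from a list of this size that reach target_bits."""
    return math.ceil(target_bits / math.log2(list_size))

if __name__ == "__main__":
    print("passphrase:", make_passphrase())
    print("password:  ", make_password())
    print(f"4 words from a 7,776-word list: {entropy_bits(7776, 4):.1f} bits")
    print(f"8 random printable characters:  {entropy_bits(94, 8):.1f} bits")
    print(f"16 random printable characters: {entropy_bits(94, 16):.1f} bits")
    print("words needed for 64 bits:", words_needed(7776, 64))
```

The numbers only hold when the words are chosen by the generator; words a person picks because they come to mind are far easier to guess than the bit count suggests.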

5. Make sure no one can see your screen.

No one needs to hack into your system if they can just look at your screen. The easiest way to prevent that is to lock your computer when it’s not in use. You should also get a screen protector that will prevent anyone from seeing your screen while you’re using the computer unless they are right behind you. Finally, don’t use your computer in a public place, where someone could look over your shoulder without you noticing.

6. Use your phone hotspot instead of wifi in public places.

Public wifi is unsecured, and hackers can intercept data going between your computer and the internet. So, if your phone and plan allow it, set up a hotspot on your phone. This lets you use your phone’s data to access the internet with your computer. It’s much harder to intercept data on a cellular network than on unsecured wifi.

7. Use a cloud-based EHR system.

Unless there are factors that prevent easy access to the internet, your clients’ data is by your side when you use a cloud-based EHR, since you can access it from any computer (just be careful which ones you use).

With proper password management and security, a cloud-based solution will be safer than keeping records on your computer or using a flash drive because they will be secured in compliant data centers with a lot of digital and physical security.

7.5. Use BreezyNotes EHR to manage your clients’ confidential information.

BreezyNotes EHR, our practice management application, is cloud-based and hosted on HIPAA compliant, SSAE16 audited servers. Security is always top of mind for us, so we’re constantly working to make the software more secure. And since you access it through your browser, you don’t even have to install updates. We do that for you!

Regardless of what you use to manage your practice, you should be doing these easy things to keep your clients’ confidential information secure.

Do you have any simple measures you use to keep your clients’ records secure? Share them with us on Facebook, Twitter, LinkedIn, or Google+!