Basic Security in a Medical Office

Basic tips for improving security in a medical office:

  1. A computer screen should not be readable by anyone but your staff. Patients should never be able to see the screen. If they can see the screen, under no circumstances should they be able to see any other patient’s personal identifiable information or personal health information.
  2. All computers should have a unique log in and be password protected. Each user in your office should have their own password.
  3. All computers should employ a screen saver with password protection.
  4. Staff should never use company computers for any of the following:
    • Personal email – it can present a wide variety of problems including exposure to viruses, Trojans and malware.
    • Social networks – they are not secure and they have had numerous problems with viruses and  instances of exploitation.
    • Surfing the internet, downloading or performing any other function that could harm the computer or the office network.
  5. If a computer is identified with a virus, malware or is suspected of containing a virus:
    • Unplug it from the network.
    • Turn it off.
    • Do not turn it on until it has been verified as clean.

The best advice for a busy office is to have a spare computer available. Keep it updated with the same antivirus and office software being used. Keep it turned off and unplugged after it has been updated.