While we are aware of the importance of the integrity and security of clinical data, recent onsite surveys conducted by REND Tech showed that more than half of the health businesses in Sydney did not implement strong security policies to protect clinical data.
There are a number of steps that will help you increase the security policies around your clinical data. Below are our top five tips:
- To stop unauthorised internal data access, the server must be protected by an administrator password known only to the management team.
- To ensure that no viruses or malware products are downloaded on your workstations, all computers must be protected with a business grade antivirus product (not the free version of AVG). We recommend NOD32.
- Management and IT staff should be the only people allowed to access the server. This includes providing server access to pathology companies, Medicare Local staff and so on. If access is required you need to authorise it first and then notify your IT team.
- To avoid network hacking, change your router password from the generic password to an administrator password. – If you have a Windows XP machine then you need to consider changing it. Recent studies showed that they are six times more likely to be hacked.
- Never install software on your business computers that has not been approved and authorised by your IT team. Work computers must host clinical and business applications only.
- If you access your clinical data remotely then you need to ensure that the remote access application you use is secure and password protected. Never share those details with anyone, including your colleagues.
By following the processes above, you should be confident in the security of your clinical data. It is highly recommended that you arrange for a security audit every six months to ensure that all the relevant security policies are in place. Take the opportunity to rate your level of data security.