With security issues becoming very important as we begin to share information, you may have had an experience that compromised security or has made you more aware of security. Security issues include having your EMR connected to the Internet or using a wireless network. Security also applies to systems you use within the office to protect your data. Would you like to share your experience regarding your EMR system and security concerns? Click on the 'Comments' link below this posting and type your comments into the text box.
January 02, 2004
Dear Alan,
Thank you for the site!
Your comments on security, especially wireless are well made. I entirely agree you need a high end router with full encryption. We went with the Sonicwall system and VPN access.
Another security issue is what to do with old and or damaged computers, disc drives, backup tapes etc. What is more efficient? Destruction or erasing and overwriting?? Also what happens if something has to go back to the manufacturer??
Posted by: David Woolliscroft | March 18, 2004 at 09:29 PM
Great question. Destruction of old digital media is a significant issue. I am aware of an incident in Alberta that was investigated by the security commissioner regarding an old hard drive on the computer of a transcriptionist. See The Messenger - College of Physicians and Surgeons of Alberta (.pdf document)
In addition, I found a reference to an article on a US Company - White Canyon Software - which describes a similar situation. Interesting reading WhiteCanyon - Hard Drives Dumped; Information Isn't (I do not endorse their product, just liked the article)
It seems that the only way to absolutely protect data is to disintegrate the hard drive, although I do not believe most people would do this. A hard drive scrubber is probably the next best alternative and there are many software vendors that provide this type of software.
The key is to have a heightened awareness of the risks. If you take home that old hard drive from the office to install on the home machine, remember to format it when installing. Also, keep track of any hard drives or storage media that leave the clinical setting and ensure that you follow up on what happens to those media.
Posted by: Alan Brookstone | March 18, 2004 at 11:24 PM