• “Access control” tools like passwords and PIN numbers, to limit access to patient information to authorized individuals, like the patient's doctors or nurses.
• “Encrypting” stored information. That means health information cannot be read or understood except by someone who can “decrypt” it, using a special “key” made available only to authorized individuals.
• An “audit trail,” which records who accessed your information, what changes were made and when.

Most health providers, being covered entities, have HIPAA responsibilities to ensure the privacy and security of EHRs. Even HIPAA itself was not targeting the security factor …
This decreases their susceptibility to outside breaches, which occur commonly in a network with Wi-Fi. However, since networking is easier on Wi-Fi, if it comes to that, the network server should have enough security protocols in place to make it secure, especially at the access points installed throughout a facility. Needless to say, there should be reputable antivirus and antimalware programs, alongside firewalls, protecting the system from outside breaches.

To secure EHR data flow, the staff should be made well aware of the security measures and protocols in order to ensure the privacy of PHI. Contacting the EHR vendor associated with the facility can be of considerable assistance in this regard. As far as sharing EHR data is concerned, all staff should be well versed in HIPAA guidelines so as to comply with the privacy and security rules; those include seeing a copy of the medical record, requesting to have any mistakes corrected, emailing or faxing sensitive PHI, or scanning lab reports, for that matter.

Patients should also be involved in ensuring the security of EHRs. Due to the ease of access through patient portals, they should be advised to use their devices on secure servers as opposed to public or unsecured ones. Basically, to guarantee security of EHRs the aforementioned administrative and physical or technical safeguards should be