How This Simple Cybersecurity Practice Could Save You From A Data Breach | AdvancedMD

Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

How this simple cybersecurity practice could save you from a data breach

EMR/EHR

Many of the large data breaches that have hit the news over the last few years are the result of organizations failing to keep all of their computers and software up to date with the latest security updates. Keeping your systems up to date costs nothing and the manufacturers send out these updates for free. This can be one of the most important steps you take to protect the data of your practice. The process of keeping our systems up to date is known as patching.

What is patching?

Patching is regularly updating your systems by applying security updates provided by the software or device manufacturer. Let’s look at this for a second—either your software or device manufacturer. That means that both our software and our hardware need to be patched or kept up to date.

How to patch hardware

Devices such as routers, switches, printers, and other items have built in software known as firmware. The first step in keeping your devices up to date is to register each of your devices with the device manufacturer. Once you have registered the device, the manufacturer will send you email notices when they have a software update for the device. The email will contain instructions on how to update the device. Many of these updates are security updates and are vital to keeping your network and systems protected from hackers.

Since devices are ‘smart’ they are also programmed to regularly check for updates with the manufacturer. If there is an update, the device may tell you that an update is available and have you push a button to update the device.  Your cell phone is a great example of a device checking for updates and then prompting you to do the update.

How to patch software

The process here is very similar to patching hardware. The first step is to register the software with the manufacturer. Current software systems are often set to regularly check with the manufacturer for updates. If one is available the software will prompt you to do an upgrade. Each and every program on your computer needs to be kept up to date, even if you do not use the program very often. It is also important to keep an inventory of all of the software and hardware that you have and a list of when you last checked for updates. The Department of Health and Human Services recommends that all software used in healthcare be patched at least monthly, if not more often.

There are times when a manufacturer stops supporting a device or a piece of software. This is known as “Sunsetting” or “End of Life” for that device or program. Once something has reached the “End of Life” the manufacturer will no longer distribute updates to keep the product secure. It is very important that you replace any devices that have reached their end of life and remove any software products that have been sunsetted as these items represent a huge security risk for your practice.

Updating your Operating System

One of the biggest software items that we need to keep up to date is the operating system (OS) of our computers. You should have your system set to automatically update the operating system at least once a month and you should register your operating system so that you will receive email notifications should there be any urgent updates you need to manually apply.

 



Michael Brody, DPM
Dr. Brody has been actively involved in computers and medicine since the 1980s. He is a Residency Director at a VA hospital located in Long Island, NY. Notably, he was present as the VA moved from paper records to computerized records. During this time, he was exposed to the stringent rules and regulations that government employees must adhere to when protecting patient information. He co-founded TLD Systems with Warren Melnick. They wanted to create a platform for private practice doctors that provides a cost-effective method of implementing HIPAA compliance in their practices. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-chair of the EHR workgroup at Health Level Seven International (HL7). He co-founded TLD Systems with Warren Melnick to create a platform that doctors who wish to work in private practice have a cost-effective method of implementing HIPAA compliance in their practices in a manner that does not interfere with their ability to practice medicine. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-Chair of the EHR workgroup at Health Level Seven International (HL7)

Topic: EMR/EHR


Other Resources Related to This Topic


EMR/EHR

3 Tips to Stop Revenue Leaks in Your Private Practice

Today’s private practices have had to adjust to mounting challenges like ICD-10, Meaningful Use, and...

EMR/EHR

Patient Cards Demo

We developed a revolutionary framework and user experience called Patient Cards, to significantly improve productivity...

EMR/EHR

5 ways to increase front desk revenue

As an independent practice physician, you care about two things when it comes to your...

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›