Four Steps to Data Security

There are four steps every dentist needs to take immediately to protect patient confidentiality.

At the most basic level, set up and enforce the use of passwords. Ideally you should have secret, individual, eight character passwords for each team member to log onto their computer. You should then have completely different passwords for each person to access the dental practice data. Then all these passwords should be changed every few months.

Passwords are like your toothbrush. Do not share it with someone else and change it every three months.

That is ideal but hardly anybody works that way. In most dental offices passwords are easy to remember, shared by everyone, never changed and written on a sticky note stuck to the computer.

The second important security measure isĀ  to have your IT pro set up a firewall to protect your computer system from outside attacks. Do not do it yourself.

Step three is easy, lock up the server. Keep your server – where the data is stored – in a locked closet or lock it down with a cable. The number one reported cause of a data breach is a stolen computer. Make your computers hard to steal.

Step four may be the most important. Store your data in an encrypted format. This is especially important if you are storing data off site. If you have encrypted your data and your computer is lost or stolen the HIPAA police will not treat this as a breach. Encryption is your get out of jail free card.