There are many different EHRs available on the market today for practices that are looking to upgrade their record-keeping systems. They range from stand-alone modules that target specific workflows such as E-prescribing to comprehensive EHR solutions that also incorporate practice management software. Some vendors follow the legacy client/server model while a new breed of medical software companies are offering Internet-based EHRs.
Regardless of the type of software used, it is imperative that all employees are trained properly to work on the system. Inadequate training can lead to a drop in productivity and a higher probability of errors. Nevertheless, web based EHRs present a new set of issues for the modern practice and Internet specific training should also be considered for all employees.
Internet EHRs differ considerably from legacy systems, especially when it comes to networking and security. Comprehensive security protocols must be implemented and communicated properly to all employees so that data is not inadvertently exposed to unauthorized users. Password and device security should be top priorities, along with good Internet security habits such as using and updating antivirus software on a regular basis.
Whether it is the doctor or front desk receptionist, no one should walk away from a device (computer or tablet/phone) without locking the system or signing out of the application. With on premise and off-line applications, such risks are less because a hacker needs physical access to the system at all times. But with online EHRs, any stranger would be able to change the password within a few minutes locking the legitimate user out of his/her own account.
Similarly, employees should be encouraged to use strong passwords with a combination of alphabets, numbers and special characters. It is quite common for people to choose passwords containing their date of birth or childrens’ names. Unfortunately, such information can easily be found out by hackers through social media using techniques such as phishing or social engineering. Internet EHR training should also include information on how to contact the software vendor in case the application is inaccessible. The service provider will be able to verify if the problem is with their servers, the Internet connection or if it has been taken down by cybercriminals.
Dovetail EDR is 2014 MU certified software and your practice data is always stored on HIPAA compliant servers. It adheres to federal standards for data security and privacy. Sharing capabilities are built into the application so that there is no need of emailing medical files or images. As long as proper password and device security protocols are followed by all employees, your patient data is completely secure with us.