Systems Security Check

Basics    
  Written and Distributed Records/Computer Security Policies
  Strong Pass Words that change regularly
  Anitvirus programs current on all machines
  Firewalls active on all Machines
  Physically Restricted Access to Paper and Electronic Records
  Restricted access to Electronic Records on an as needed basis
  Secure wireless and internet access (basics come with modems and routers)
Better    
  Security responsibilities handled outside of office staff
  Antimalware programs current on all machines (maybe part of Anti virus)
  Server controlled access to locally stored electronic records
  Secure Cloud based Practice/Patient Management and Billing system
Fully Compliant    
  Managed Internet Gateway Device
  Monitoring of all systems and devices attached to network
  Restricted access for personal devices attaching to network
  Tracking and remote management for all portable devices
  Reporting of policy violations and automated access restrictions
  Prevent installation of any program without administrative authorization
  Fully monitored and secured wireless access for both guests and staff
  Fully documented procedures, programs, and policies

If you don't have at least all the basics checked

  • You may not pass an OCR audit
  • At risk for a data breach

If you have them all checked then you don't need us
Otherwise