Cayfour provides a variety of critical services for local medical professionals. It’s not our intent to be all things to all people, but we have selected those security services that are critical to your success and survival in the healthcare industry. We provide these services as either a “one-off” service or part of a package of ongoing security.
Electronic Records Security Program
One way in which we support medical offices is to create a secure computing environment. For example, older computer programs don’t contain password protection or other security features. Even though your medical office may have a separate office space, it’s your responsibility to maintain electronic security of stored patient documentation, particularly data that falls within the ecosphere. Preventing unauthorized access to Electronic Health Records (EHRs) includes using secure passwords, restricting access to authorized personnel only, repositioning computer screens away from the public and other related steps that more modern versions of software would provide.
In the world of HIPAA it’s best to take a conservative, even paranoid, approach -- assume that you are always exposed and that you need to take continuous measures to secure your data. HIPAA violations are both expensive and painful. If you demonstrate that you are taking appropriate and proactive measures to protect your electronic data, you stand a much better chance of walking away from a HIPAA violation with a warning and remedial training rather than fines that can be very expensive.
Cayfour’s approach includes electronic auditing and evaluation of your systems using the latest technologies for that purpose, including:
- Finding any “leaks” in your system, data that is being inappropriately being sent to third parties
- Identifying the loss of data in small or large tranches
- Locating the existence of malware of any type, including viruses, Trojans, applications or executables intended to damage or corrupt your data
- Managing your hardware lifecycle and warranties
- Identifying any person or entity who has access to your network who isn’t authorized
- Designing your infrastructure in scalable manner a that lends itself to future ease of expansion of computing and storage systems
- Delivering a ‘report card’ from these actions detailing where you stand right now
Based upon that report card there are a variety of steps we take to get you stable and secure, and ensure you stay that way. We may recommend that you , behind a firewall, to confirm that only authorized personnel have access to your data. Or, we may recommend that you continue to store your data “on premise” (on prem) with appropriate protection and monitoring measures in place to ensure that you, or we, will know at any given time the security and status of your network.
These steps tie neatly into our other offerings, and you may decide to use us as your Information Technology support team to support your hardware, prepare you for growth and/or store your data. Please contact us to start the conversation.