I have been looking into different programs for residency and since all hospitals are now using computer charting, they want to allow me to have access at home to their programs. I am fine with this, but I worry about the security aspect. I know that a HIPAA violation can be serious, so I don't want to risk my computer or iPad being hacked. What do you all use to protect your computer, or does the hospital take care of that? Thanks.
- Joined
- Jun 11, 2013
- Messages
- 11,526
- Reaction score
- 27,445
Accessing your emr from home doesn't really open you up to being "hacked".
- Joined
- May 18, 2016
- Messages
- 1,457
- Reaction score
- 2,330
Let the hospital IT people worry about the security issues. They should have it figured out.
- Joined
- Oct 22, 2013
- Messages
- 25,155
- Reaction score
- 34,839
have a password on your device
what realistically happens is you end up with some documents on it that are HIPPA and the thing gets stolen
what realistically happens is you end up with some documents on it that are HIPPA and the thing gets stolen
- Joined
- Jul 15, 2010
- Messages
- 3,131
- Reaction score
- 253
I would not worry about this. The software that the IT department will install to make your device secure will be what is required.
- Joined
- Oct 11, 2006
- Messages
- 10,417
- Reaction score
- 14,630
It all depends upon the technology used. We use citrix to access our EPIC EMR from home. Citrix opens a window to the secure server. Nothing is stored on your laptop, everything is behind the firewall. And we use a keygen to generate a random key every minute you need to log in -- so even if someone steals your password, they still can't access. And all work machines have encrypted hard drives, so if someone steals it nothing can be taken, Will all places be this security conscious? Probably not, but you might be surprised.
Honestly, the biggest place you can get into trouble is a research project. In general, nothing from the medical record should be on your computer itself -- everything should be in the cloud. Same is true for your own work files -- you'll usually end up with some sort of server based account to save your documents in, and hence if your computer is stolen / broken / etc, all of your files remain backed up. But often I find residents work on their research projects at home, and then it's easier to keep a local copy of your data. If so, if your data has any PHI in it (and PHI is more than patient names!), you MUST put a password on your Excel file (or whatever else you are using). That way, if the file is lost / stolen, you are not in trouble at all (although getting around Excel's passwords wasn't all that hard awhile ago).
Honestly, the biggest place you can get into trouble is a research project. In general, nothing from the medical record should be on your computer itself -- everything should be in the cloud. Same is true for your own work files -- you'll usually end up with some sort of server based account to save your documents in, and hence if your computer is stolen / broken / etc, all of your files remain backed up. But often I find residents work on their research projects at home, and then it's easier to keep a local copy of your data. If so, if your data has any PHI in it (and PHI is more than patient names!), you MUST put a password on your Excel file (or whatever else you are using). That way, if the file is lost / stolen, you are not in trouble at all (although getting around Excel's passwords wasn't all that hard awhile ago).
- Joined
- Oct 7, 2012
- Messages
- 780
- Reaction score
- 1,602
Of all the things to worry about in residency
you choose to worry about EMR security
You're either set or screwed
you choose to worry about EMR security
You're either set or screwed
- Joined
- Apr 25, 2008
- Messages
- 8,793
- Reaction score
- 9,019
I've used four different EMRs in half a dozen different hospitals, all of which used citrix to remotely access the hospital systems. It stores absolutely zero information on your computer, and there are no risks therein.
I would be much more upset if a hospital didn't give remote access to its residents. It's sometimes nice to go home and get some dinner before finishing your clinic notes.
Thanks everyone. I believe where I am going will use Citrix so that helps. I just didn't know what would happen if my computer did get hacked, if there was a way for someone to get into the hospital server through my computer or not. Obviously I would sign out every time I leave my computer, but I was just curious as to what anyone else's thoughts were.
- Joined
- Apr 25, 2008
- Messages
- 8,793
- Reaction score
- 9,019
Unless you store your password in an unencrypted format on your computer (or stick it to it as a sticky note), it will be practically impossible. I mean, I suppose someone could install a keylogger on it and go at it that way, but you aren't worth the effort.
