I just wanted to give you a quick reminder to be careful with external drives. A lost external drive can cause a HIPAA breach that you certainly do not want to deal with. When you are backing data up to an external drive, you MUST make sure it is encrypted. There are still a lot of people who are backing up to jump drives, a NAS, or an external drive and in some cases, taking it home with you on a nightly basis. Stop! Think! What would happen if you lost that drive?
Be Careful with External Drives
Tapes, hard drives, CD’s and anything else that is removed from your practice will need to be safeguarded, protected, and documented. Remember…there is ePHI on those items and losing them come at a great risk to you and the practice. When we think of hackers, we have a tendency to think of people breaking into our computers and servers. We must also consider exposing ePHI, even if it is innocent. Exposing ePHI is a breach just like someone stealing your information. Please make sure you take that into consideration.
What You Can Do
First off, stop using old technology. You’re just setting yourself up. You don’t need to store data on daily tapes and hard drives. There are many more options available today that are not very expensive. Have an off-site backup so you don’t have to take things home. Encrypt your external drives, such as your NAS, hard drive, jump drives and SD cards. When transferring ePHI to any device, and taking it outside your practice, it must be documented on how you are going to protect that data. Basic CYA.
I know I tend to harp on these things, but it’s because I care!
Thanks for reading.
Tier3MD is headquartered in Atlanta and is one of the leading IT groups for medical practices.