Protecting the information in your practice

This story first appeared in the August 2014 issue of Pulse+IT Magazine.

A paperless medical practice is nirvana in terms of efficiency and many practices are now moving to the cloud for certain functions or for the full monty. While there is still some resistance to cloud-based services due to security fears, in reality the cloud wins hands-down. There is no room for complacency, however, so here's what you should look out for to protect your – and your patients' – information.

In terms of information technology, a medical practice can be characterised as a micro enterprise business with medium enterprise needs.

Almost every medical practice is a micro business in terms of size – a server, a handful of computers, printers and a few other bits and bobs. However, medical practices are medium enterprises in every other respect: compliance with stringent privacy laws, eHealth, telehealth, electronic medical records, back-up and disaster recovery, pathology and radiology downloads – the list goes on.

And therein lies the problem. At what point in time does the practice realise that almost every single transaction, both internal and external, is important? And what tools are OK to use without hampering the regular functioning of the practice?

As widely publicised and documented, the updated privacy laws came into effect on March 12 this year. The Office of the Australian Information Commissioner, which includes the office of the Privacy Commissioner, has renewed powers, the penalties are harsher and compliance with the new laws is even more critical.

The new privacy laws include the 13 Australian Privacy Principles (APPs), which apply to what is called an “APP entity”. Medical practices by their very nature in handling sensitive personal medical records qualify as an APP entity.

However, while everyone has been talking about the privacy laws, what does it mean for medical practices at the grassroots level? What is it that a practice specifically needs to do to ensure that they are compliant?

To read the full story, click here for the August 2014 issue of Pulse+IT Magazine.

Posted in Australian eHealth

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.

Copyright © 2017 Pulse+IT Magazine
No content published on this website can be reproduced by any person for any reason without the prior written permission of the publisher.