Preserving Privacy
There has been a definite appeal to the “anytime anywhere” concept for access and communication. It is very handy to tune in from any mobile device to whatever your interest of the moment may be. There are now apps of every kind, purpose and variety you can imagine.
Behind the promotions to use mobile and remote devices, however, are increasing concerns over the security measures that are needed to assure that your actions and information do not become a target for unwanted or harmful consequences. Most of the major companies involved in information technology such as Amazon Web Services, Intuit and Microsoft have steadily increased the security measures required to access and update the information stored on their computer servers. They do this to protect not only their customers but also to protect themselves from legal actions and financial loss.
In their eagerness to have anytime anywhere access, quite a few do not take the time to determine what protections they will have should their information be misused. They have no idea where their information is being stored, whether it is being shared or readily available to others, what happens when they do not continue to subscribe to the service.
In our work with custom software development we have sometimes been amazed how willing some have been to turn over a large portion of their business information to others with no safeguards. Included have been critical records such as their customers, product and services lists with pricing, production, sales and financial histories.
To preserve your privacy and that of your customers, here are some of the prevailing rules:
Before subscribing to an online service, be sure to know:
· Where your information will be stored
· Is the database shared with others or private to you
· What safeguards are in place to assure that no one has unauthorized access to your information
· The levels of encryption used to transmit your information
· The method and schedule for backing up your records
· Guarantees on up-time and speed to assure timely processing
· The availability and method to easily transfer all your records should you no longer subscribe to the service
Whenever involved with healthcare, even more stringent government compliance measures such as those in HIPAA are required to protect the patient’s privacy. Every organization and every software that records patient information is required to follow safety measures to assure there is no interference or access that has not been authorized.
When electronically transmitting information, very high levels of encryption become necessary. Typically these also require:
· Multiple levels of authentication
· Periodic changes to access logins, passwords and other authentication methods
· Authentication methods that are not easily determined or duplicated
· Legal agreements with software designers, developers and other resources to assure there is no disclosure of sensitive information
· Specific rules on when and what doctor/patient information can be viewed, edited or transmitted
Another protocol that has become widespread for transmitting information that requires privacy is to limit each transmission to the information to that needed for a single purpose rather than sending a large batch of records. Authentication measures will be in place for both the sending and receiving points and the information will be encrypted. This provides for high level s of speed and security, reducing the possibility for data breaches and other interferences.
We urge you to not be cavalier or over-trusting when your responsibility includes information stored on computers and transmitted from computer to computer. In just this past year the FBI’s Internet Crimes Commission here in the USA has had a dramatic increase of 69% in reported crimes and billions of dollars lost by businesses. This does not include the quiet thefts and misuse of information by some who have been given ready access through the services they provide.
If you would like to further discuss this topic, you can contact the support team at:
Mainstreet Systems & Software Inc.
215-256-4534 (USA) support@mainstreet-systems.com
As published in Spectrum Dialogue The Voice of Techno-Clinical Dentistry May 2021
Comments