Most IT articles are too technical. Others are simply a sales pitch to tell you that you need to move to the cloud. Others simply describe new technology that is “almost” available and promise a better future. This article is not your typical IT discussion.
As a company that supports over 115 different medical offices of all sizes and specialties we are confident these basic components will help your office run more smoothly. Here is a description of basic IT components we look for when going into a prospective client. We believe that every medical office should have these components in place. Look over this list and see how your office stacks up.
1. Server and Firewall Monitoring
Everybody has servers either onsite or being hosted. If they are onsite – monitor them! Your IT company should be able to offer you software that monitors your servers and can alert them of potential drive failures, drive space concerns and even performance data which allows you to analyze if your server is running slow due to resource overutilization. This software can even monitor server temperature and alert someone in case of overheating.
The next piece of equipment that you should have monitored is your Firewall. A firewall is a barrier between your internal network and the internet which monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A Firewall is also what allows you to have a secure connection to your labs and hospitals. It also can allow you to control internet usage in your office.
You should also have your Firewall monitored. Why? Because security updates occur frequently and adjustments need to be made on a quarterly basis. This monitoring can also detect when the clinic loses internet connectivity. At least once a week, we have a client that loses connectivity before the clinic opens – our helpdesk gets the alert, starts a ticket with the ISP on behalf of the clinic and the issue is restored before the clinic even opens and the clinic never even knew the problem existed. The first step in not getting a virus is to have a proper Firewall……
2. Anti-Virus Software
Anti-Virus software helps protect you against viruses and malware. It will not stop all attacks and it will not protect against human negligence (unintentional or intentional). After your Firewall, your Anti-Virus protection is your second line of defense against viruses. This software is very affordable and yet many offices that we visit have out of date Anti-Virus protection or no protection at all.
3. Onsite and Offsite Backup (Ideally you should be doing both)
Onsite backup is a backup of your data that resides on your premises in case of a loss of data – often done through NAS units (Network Attached Storage) this model can provide quicker recovery times in case of problems.
Offsite backup is a backup of your data that resides off premises. Most offices are now choosing to backup online to the cloud. This is your best option in our opinion – however, it should be noted that offices with slow internet speeds may have trouble sending data offsite.
You will also want to use a backup company that can recover from “multiple restore points.” This is important because if your backup software only allows you to recover from a “single restore point” you might encounter the following scenario – You leave the office at 6:00pm. Your network is infected with Ransomware at 7:00pm. Your backups run at 9:00pm. Yes, you have a backup but it is a backup of a corrupted data base!
Many offices we visit are still backing up offsite with hard drives or even tape backups. These options are not ideal because of HIPAA risks and the possible loss of misplaced or stolen data.
Also, if you are currently backing up your data offline make sure and test your backups. Many offices assume their backups work correctly and realize too late that their data cannot be recovered.
4. Support Plan
Find a company that understands Medical IT support! As we all know, anything in a medical office can be an emergency when it involves the ability to care for patients – your IT company should know this as well!
Most issues can be resolved remotely but you need to make sure your IT company is comfortable doing remote work as well as onsite and face to face work.
You would be surprised at how many medical offices depend upon administrators to handle IT issues that are simply over their head (oh wait, no you wouldn’t). These issues then fester and usually lead to bigger problems down the road
Every medical office needs a security plan. Every office should have a HIPAA plan in place and be tracking computers in their office. Computers should be encrypted. Also, every office should have the ability to send secure emails. It is also a good idea to scan computers occasionally for sensitive information such as social security numbers, credit cards and PHI – there is software available to do this that is affordable and it is a great idea to do this at least yearly.