How to keep your medical practice secure

October 1, 2019

Although the specialists mainly take care of your office’s billing and coding, another of their specialties is helping you run your business more smoothly. One of the most important medical practice management services we offer is helping you keep your practice and patient data secure.

Protecting patient information, sometimes referred to as protected health information (PHI), is crucial to maintaining not only your business and its bottom line but also your reputation and your patients’ trust. Yet, as technology continues evolving at warp speed, data breaches and compromised information become more and more likely.

IT fixes and upgrades affect security, but so does your staff, who can sometimes be as much the problem as the solution. Either way, security incidents can be costly (not just financially) – and it’s estimated that roughly 9 out of 10 healthcare businesses have experienced some type of security breach in the last 5 years.

That’s eye-opening, so let’s take a look at 6 medical practice management tips that can increase the security of your business.

6 Practice Management Tips to Secure Your Practice

Staff Training

Unfortunately, employees are more involved in data breaches than you might think, although it’s as much due to negligence as it is to malice. So, ensure that your staff is trained properly on the following, among others:

HIPAA (Health Insurance Portability and Accountability Act)

Make sure they know what is and is not a violation. Also, have them educated on the nearly 20 points of information that can be used to identify someone, such as date of birth, family information, address, name, and more.

Another important aspect of HIPAA is that communicating with patients via FaceTime or Skype is not considered compliant or secure. So, make sure that the apps and software used by your staff are HIPAA-approved.

Passwords and Personal Information

Train your staff on how to limit attacks on your practice and your patients. For example, make sure they choose long, secure passwords with a variety of symbols, numbers, and uppercase/lowercase letters. Remind them how vulnerable they can be when giving out their own Social Security number or writing down a patient’s.

Furthermore, when either your staff or patients create accounts at your office, make sure you have a multi-step authentication process in place, such as having them receive a one-time code sent to their email or mobile device once they enter their username and password.

Don’t Forget the Basics

These include not clicking on or downloading attachments and links from unknown or unverified sources. Any such actions can result in malware being downloaded that compromises all of your and your patients’ data. As a medical billing company familiar with such risky practices, Coronis suggests installing software that allows users to accept information from normal data sources and patterns, yet blocks anything suspicious.

Keep Your IT Healthy and Protected

Your medical business could be at serious risk if you’ve focused your IT security solely on antivirus software and other perimeter-type security and not enough on technology and/or software that can deal with an attack when it happens. By segregating data, for example, you can protect your data and other parts of your network should your business ever be breached.

To keep your systems healthy, have multiple layers of software and hardware to keep out spam, junk, malware, and other threats. Furthermore, if you use cloud-based services, vet them thoroughly as well as the vendors with which they do business. The more entities involved, the riskier it gets for your business.

Back It Up – Or Delete It (Or Both!)

If you’re like many business owners, you spend more time maintaining your car than you do your business IT system. But which is more important to your bottom line and business reputation?

To make your system more efficient, delete unnecessary data. Think about it – the more sensitive information you have, the more at risk you are and the more you can lose. Put a policy in place so that information gets deleted once it is outdated or irrelevant.

And back up what is important.

Secure Portable Devices and WiFi

If you’re like many others who crave convenience, you keep important health data on a portable device like a laptop, tablet, or USB. Make sure you encrypt such devices, especially when you sneak to the counter of your local coffee shop for a refill; those are times when a thief or hacker can cause you issues.

It’s the same with wireless networks. You can be hacked from such seemingly innocuous places as the office next door or a car in the parking lot. Keep your routers and other related devices maintained, secured with strong passwords, and protected from unauthorized entities trying to access your system. Learn more about computer security at
