Ensuring the security and confidentiality of patient information is a top priority. When accessing Electronic Medical Records (EMR) remotely through the CPSI/Thrive web portal, it is essential to follow healthcare industry best practices to protect sensitive data and comply with HIPAA regulations. Please adhere to the following guidelines:
1. Avoid Using Public Computers – Public or shared computers in libraries, cafes, or other open areas are not secure and should never be used to access EMR systems.
2. Always Log Out – After accessing patient data, always log out completely from the EMR system. Simply closing the browser window does not guarantee a secure logout.
3. Never Leave Your Computer Unattended – If you must step away, ensure that your computer is locked or logged out to prevent unauthorized access.
4. Avoid Public Wi-Fi Whenever Possible – Public Wi-Fi networks are often unsecured, which makes them a high risk for cyber threats. Use a secure, private network when accessing patient records remotely.
5. Utilize Multi-Factor Authentication (MFA) – Whenever you connect remotely, confirm that you are prompted for an MFA access code, which provides an additional layer of security to protect access to patient records.
6. Be Wary of Phishing Attempts – Do not click on suspicious links or provide login credentials in response to unsolicited emails or messages.
7. Avoid Using Non-Corporate Managed Devices – When possible, do not access EMR data on a personal or non-corporate managed device. If you must use such a device, do not perform any other activities, such as checking personal email or browsing unrelated websites, and do not keep any other applications open while accessing patient data. Keep your computer and mobile devices updated with the latest security patches and antivirus software to minimize vulnerabilities.
By following these best practices, we can maintain the integrity and confidentiality of patient data while enabling secure remote access. If you have any questions or need further guidance, please contact the IT Department.