Medical records are the most sought-out data for theft. Malicious third parties breached more than 29 million healthcare records in 2020. To keep your patients’ healthcare records safe, you’ll need a properly configured firewall. The importance has never been clearer – according to a study of recent data breaches, 76 percent were caused by improperly configured firewalls. As a healthcare professional, a firewall-protected HIPAA-compliant network is essential.
So, what is a firewall? A firewall acts as a virtual barrier between your office network and the outside internet. What gets filtered out will differ from office to office. A good IT team will configure your firewall to match the needs of your healthcare practice. More security-oriented practices will utilize whitelisting – a configuration that only allows select websites through to your network. Others use blacklisting – blocking the unwanted web domains, and allowing the rest. Different computers can have different firewall settings if needed – such as granting more web access to doctors, who may need it to perform research. Your server is the most crucial computer in your office and should have the most limited access to the outside internet to avoid costly data breaches.
To maintain HIPAA-compliance, your firewall must log all interactions with protected health information (PHI). Here are some questions to have answered before you set up your audit logs:
- How and when will I generate the log?
- Who is going to review the logs?
- How can I safely store the logs to safeguard against accidental modification and malicious third parties?
- Who do I consult about suspicious alerts?
We consider these questions and more when working with a healthcare practice. Our 16 years of healthcare IT experience have given us the knowledge and foresight to set up your network in a way that works for your practice. As always, we’re always happy to provide a free consultation to start your healthcare practice on the best IT path.