Electronic security can easily become an issue in a pharmacy. If your computer system isn’t secure, then the integrity of your electronic health data might be at risk.
The U.S. Department of Health and Human Services (HHS) addresses data integrity in its technical safeguard standards, a set of guidelines designed to help businesses comply with the Health Insurance Portability and Accountability Act (HIPAA).
The integrity standard requires you to implement policies and procedures that work toward preserving your data’s reliability. Specifically, HHS requires that you “implement electronic mechanisms to corroborate that electronic health information has not been altered or destroyed in an unauthorized manner.”
Your pharmacy’s computer system might already have integrity mechanisms in place, but it’s important to ensure they’re the right ones. Takes these steps to make sure you have the correct mechanisms in place.
1. Evaluate your risks
Risks to the integrity of electronic health information vary from business to business, so you need to perform a risk analysis of your pharmacy’s system.
This includes identifying what’s considered protected health information in your system, what external sources of electronic protected health information you have, and what threats to your system exist.
Common threats for pharmacies include computer viruses, crashes and employee sabotage. Once you have identified threats to the integrity of your data, you can identify what mechanisms you need to protect it.
2. Analyze your current system
Once you know what mechanisms you need, compare your needs to what you currently have in place.
It’s important that each threat you identified is addressed by an integrity mechanism. You may or may not need to implement additional mechanisms—this is entirely dependent on the threats to your pharmacy and the system you currently have in place.
3. Implement what’s needed
If you find that your current system is lacking, it’s important to immediately implement mechanisms to address the shortcomings.
In an independent community pharmacy, common mechanisms include antivirus software and daily backups of electronic protected health information. The mechanisms you need will probably include these mechanisms, and maybe more. You can implement them yourself, or ask your system vendor if it provides this service.
By protecting the integrity of your data, you’re protecting your patients from harm. Act now to ensure your data is secure.
Follow our series!
Stay up-to-date with our series on electronic security. Each installment discusses a different aspect of electronic security for pharmacies.
Pharmacy Electronic Security Part 1: Audit Controls
Pharmacy Electronic Security Part 2: Integrity
Pharmacy Electronic Security Part 3: Person Authentication
Pharmacy Electronic Security Part 4: Transmission Security
