Make sure you ask these critical security questions before choosing an EHR provider

The benefits of electronic health records to your healthcare practice are clear – you can save time, automate tedious tasks, keep patients happy with simple scheduling and automatic reminders, and streamline business operations for your front office staff, your back-office staff, and your health care providers. And those are just the highlights of what electronic health records are able to do.

But all of these benefits come with a risk, and it can be a big one – security.

While security in health care organizations is nothing new – anyone who has ever misplaced a patient paper file can attest to that – cloud-based EHR systems require a new focus on data security. Letting down your guard can endanger not only the privacy of your patients but also your business operations – let’s face it, no health care provider wants to be known as the one who allowed sensitive patient data to fall into the wrong hands. Data security in healthcare is a big deal!

All of this means it is vitally important that you thoroughly vet the security protocols of any EHR system provider you are considering before signing on the dotted line. Choosing an EHR software provider who does not have the level of security that you are seeking could mean wasted time and a lot of sleepless nights.

Worried about what to ask your EHR provider when it comes to the security of your secure health information? Not sure what some of the important terms are? Relax – we’ve got you covered. This blog looks at the most important security questions to ask your EHR software provider before you choose to partner with one. Let’s get started!

Here are key questions to ask about EHR data protection:

1. How do you protect cloud-based EHR data?

Starting the conversation with this question will establish early on that you have a keen focus on data security. Storing data in the cloud instead of on physical servers offers increased data protection in the event of a data breach or some other issue. With cloud-based EHR software, it is easy to update security protocols, quickly address any issues, and gain an automatic backup service.

2. What antivirus tools does the EHR service provider use?

Cloud-based EHRs can deploy advanced antivirus tools easily to ensure that your records are protected from spying eyes and hackers. These tools should also use advanced firewall technologies that detect and stop ransomware threats as well as cloud backup solutions that allow you to access the data records in case of an unfortunate event.

3. What are the details of your disaster recovery plan?

No one wants a disaster to occur, but they do happen. Your cloud-based EHR provider should have an EHR software solution disaster recovery plan in place and formalized – not just written on a napkin. This plan should be stabled by professionals and tested on a regular basis.

4. Who has access to the cloud data?

While the data are yours, someone at the EHR provider will likely be able to access it too for security reasons. You will want to understand who has that authorization to your records and under what circumstances can that person access the information.

5. What are your procedures for suspected security violations?

If the EHR service provider suspects a breach or has evidence pointing out that one happened, what happens next? Who do they inform? What steps do they take to ensure the data were not compromised?

6. Do you perform penetration tests on your systems?

A penetration test should be performed with some regularity. You will want to know how often that takes place, what the results of the last test were, and what was done with the information from that test.

7. Where are your servers located? What security measures do you have for protecting those data centers?

Data stored on the cloud, of course, are not literally stored in a cloud – all cloud storage means is that the data are stored on someone else’s computer. Data centers are located around the world, typically in places where electricity is cheap (because those servers need to be kept cool). It is worthwhile to understand where your EHR provider’s data centers are, what standards and protocols they have in place to ensure security in those locations, and if the physical locations of those centers impact and the laws in those locations impact your electronic health records in any way.

8. What level of technical support do you offer?

Of all the many wonderful things about cloud-based electronic health record systems, having someone else handle the hardware is chief among them. That said, even though you will not have to bother with on-site servers and the associated IT staff, you may on occasion run into trouble or issues when accessing the online electronic health record system. This is where that technical support will come in. Did someone lose their password? Is there a system outage? Is there a laptop or tablet compatibility issue? Did you lose power and need to get back on? All of these things can and do happen, and they usually happen at the worst time possible. Will your electronic health record provider be there for you? This is the time to find out!

9. What uptime guarantees do you make?

High infrastructure availability is critical in this industry. But uptime is complicated when dealing with electronic health record systems, as how much of the time you can access your records is not just based on your internet connection and the flow of data from the cloud to your computers and laptops. Cloud tools are interconnected and highly complex, and only one critical service need to experience a hiccup before ether whole system comes crashing down like a game of dominoes. High availability is a measure of how long the system is operational. In this industry, reliable uptime in a cloud SLA is usually 99.99 percent – anything above this “four nines” measure is considered excellent.

Eye Care Leaders is one of the leading providers of electronic health record systems to the eye care industry. With several tools to choose from, including the popular myCare solutions system, Eye Care Leaders is uniquely positioned to offer high-quality EHR services that meet and exceed your expectations. For more information, contact Eye Care Leaders today.

Let’s Connect

Drop a line for our sales representative to get in touch with you

  • This field is for validation purposes and should be left unchanged.

Latest Article


Revenue cycle management success: Learn these key factors

  • 23 Jun 2022

Your ophthalmic practice should be leaning heavily on its revenue cycle management plan. RCM can help your practice minimize errors, increase the chances you will get paid, and tamp down on the siz...


What to look for in an EHR system for multilocation optometry

  • 16 Jun 2022

Having multiple locations for your optometry practice can have some massive benefits – you get more coverage area, more staff with deeper expertise, saved money on service and platform fees, increa...


How cloud-based EHR systems boost your cost-efficiency

  • 02 Jun 2022

Cost-efficiency leads the way when considering cloud-based EHRs You already know that electronic health record (EHR) systems can do wonders for your practice. The right E...

Download Article