The computer security guidelines are designed to help busy general practices ensure their practice systems are secure and the 3rd edition takes into account the increased use of laptops, remote access devices and wireless connections.
RACGP President Professor Claire Jackson said that general practice has specific requisites in computer and information security and it has not been easy for practice staff to access appropriate training to develop the necessary IT security skills.
“General practice has led the way in many areas of e-health. Maintaining information security is vital and requires planning and technical knowledge and it is a challenge to produce guidelines that will suit all practices,” she said.
In support of these aims, the new guidelines provide a series of templates that provide useful information, such as how to produce business continuity and disaster recovery plans. The guidelines also include a check list, which provides an overall assessment of the basic computer security processes that should be reviewed annually. All templates can be easily incorporated into the practice’s policies and procedures manual.
Dr John Bennett, Chair of the RACGP e-health working group, said that the latest edition of the computer security guidelines places greater emphasis on the roles of the personnel involved in protecting practice information.
“It is important for all practices to conduct a risk analysis of their particular systems and security needs, and to document the policies and procedures that staff will need to follow to ensure that data held within the practice’s clinical and administrative systems is secure and continuously accessible,” he said.
Dr Bennett said that the guidelines will provide a framework to enable practice staff to work through the elements of computer security and information management.
“With the Federal Government’s commitment to the national Healthcare Identifiers Service and to Personally Controlled Electronic Health Records (PCEHR) over the next two years, security of general practice systems and correct patient identification is more important than ever.
“Unique health identifiers will better support the management of health information and the communication of health information between healthcare providers and healthcare organisations,” he said.
The guidelines are based on the Computer security self-assessment guidelines and checklist for general practitioners (2nd edition), published in 2005 by the General Practice Computing Group, and also on work done in 2001 by the RACGP and the Australian Medical Association (AMA). The guidelines are referenced in the RACGP Standards for general practices (4th edition), also launched at GP10.
The Computer security guidelines: a self assessment guide and checklist for general practices are available at www.racgp.org.au/csg.
---
Quelle/Source: The Royal Australian College of General Practitioners, 08.10.2010
Bitte besuchen Sie/Please visit:
