CharmHealth EHR offers a range of features designed to enhance account security and protect patient data. We strongly encourage all practices to utilize these features for controlled access to sensitive information.
Practice Admin and Office Managers can enforce practice-level security policies, ensuring that all practice members adhere to the best practices for data protection. By implementing the measures below, you can safeguard patient information and maintain compliance with regulatory standards.
A strong password, along with periodic changes, is essential for ensuring the security of your CharmHealth account.The stronger and more complex the password, the harder for unauthorized users to gain access.
Also, it is important to change your password periodically say, every three months.
Practice Admin and Office Managers can enforce a strong password policy for your practice members from the Settings > Security > Policies section. Here you can configure the minimum password length, set expiry, refuse reuse, and determine the password complexity.
Enabling two-factor authentication (2FA) for your CharmHealth account adds an extra layer of security. With 2FA, you will need to provide a second form of verification, such as a code sent to your mobile device, in addition to your account password. This helps to protect your account even if your password is compromised.
CharmHealth EHR supports 2FA using Authenticator apps (like Google Authenticator etc.), Hardware tokens, and SMS.
Practice Admin and Office Managers can mandate two-factor authentication for your practice members from the Settings > Security > Policies section.
Reviewing your practice members' accounts and deleting or locking any unused accounts is essential for maintaining security.
Have a routine review of your practice members' accounts. For those who no longer require access, either lock the accounts temporarily or delete them permanently to prevent unauthorized access.
Practice Admin and Office Managers can manage your practice members' accounts from the Settings > Facility > Facility Members section. This will prevent any unauthorized access to Patient data.
The Practice Admin and Office Managers can regularly monitor the security incident report available under the Settings > Security > Security Incident Reports section. This will help in identifying suspicious attempts to access your members' accounts.
Security policies enforced by the Practice Admin are effective only when the individual users exercise continuous care. Here are the key security recommendations for Practice Members for protecting patient data:
Do not save the password in the browser, and do not use the same password for all your accounts. Store your passwords in secure password vaults instead of writing them down.
Log out from your Charm Account properly once you complete your work. Periodically check all your active sessions from the Settings > Security > Active Sessions section and close the sessions that were not properly closed earlier.
Keep your computer and browser secure by regular software updates.
We believe the above security measures and best practices will help you secure your CharmHealth account.
If you have any questions, kindly contact us at support@charmhealth.com