Information security

Criterion 4.2.2

The security of patient health information in our practice is maintained.

Indicators

   
A Patient health information in our practice is neither stored nor left visible in areas where members of the public have unrestricted access, or where constant staff supervision is not easily provided (interview, direct observation).
B Our facsimile machines, printers and other communication devices are only accessible to authorised staff (direct observation).
C Our GP(s) and staff can describe how they ensure security of patient health records (interview).
D If our practice uses computers to store patient health information, our practice ensures that:
Our GP(s) and staff have personal passwords to authorise appropriate levels of access to health information
Screensavers or other automated privacy protection devices are enabled
Backups of electronic information are performed at a frequency consistent with a documented information disaster recovery plan
Backups of electronic information are stored in a secure offsite environment
Antivirus software is installed and updated
All internet connected computers have hardware or software firewalls installed (document review).
(If this is not applicable to your practice, please select yes for the purpose of this assessment).
E If our practice uses computers to store personal health information, our practice has an information disaster recovery plan that has been developed, tested and is documented (document review).
(If this is not applicable to your practice, please select yes for the purpose of this assessment).



Want more information?

Contact the GPA team if you require further information regarding any of these topics or have other general practice enquiries.

Our experienced Quality Accreditation Managers are always on hand to assist you.

FREE CALL 1800 188 088
