Here are a few security improvements you can easily make:
1. Shred it
If you don’t have a shredder, buy one, or retain a shredding service (they will provide you with a locked bin for papers that they will fetch when it’s full and shred the papers for you). It should be a hard rule in your practice that all paper containing any patient PI should get shredded when you’re done with it.
2. Lock it
Lock your filing cabinets, drawers, and offices when not actively in use. Even when you go to the bathroom.
3. Restrict access
Don’t let just anybody into your administrative area. Make sure that only those who really need access to files or accounts, have it. Don’t allow any outsiders ‘behind the counter’.
4. Clean desk reception
Keep your appointment book, patient files, and accounts out of the public eye. Rather keep your appointment book electronically. Dedicate a private area for patients to fill in forms or update their details – don’t do this in the waiting room where everyone can hear and see.
5. Keep it confidential
Don’t discuss test results or patient details in person or on the phone in an area (like reception) where others can overhear.