Security requirements
Caution
Before using the ResScan Essentials application, we recommend these steps.
Read the entire clinical guide before using this software.
To protect system components and patient information, your facility should implement appropriate cybersecurity policies, such as encrypting the file system where protected health information (PHI) is stored and enforcing unique usernames and passwords for all staff who have access to the computer at a minimum.
Recommended ways to secure patient data
If the practitioner decides to save the patient's information from the SD card to their PC or a network share, the practitioner or hospital must secure patient data using these methods:
Use disk encryption that prevents access to the data in the case of a PC or disk storage loss or theft.
Note: Disk encryption does not protect data when the practitioner is logged on to a computer as the data is already decrypted after the authentication.
Set idle session timeouts to 2–5 minutes.
Deploy Endpoint Detection and Response (EDR) systems or antivirus solutions to block malware.
Establish and maintain strong network security controls, such as firewalls and intrusion prevention systems.
Ensure the PC runs updated and patched applications.
Ensure all devices and storage media are secured with appropriate controls, such as local disks, network shares, and cloud platforms.