The MacPractice Security Guide describes MacPractice Security features, many of which are optional and will need to be enabled. While the MacPractice software has many security features, it is ultimately your responsibility to ensure that adequate security measures are taken.
When considering MacPractice Security, the following topics should be understood:
- User Group Privileges: User Group Privileges is the MacPractice permission system, designed to control access to certain areas of the software by User groups.
- Security Preferences: The MacPractice Security Preferences can be used to set an inactivity logout time, allow MacPractice to remember previous login credentials, and so on.
- Security Alerts: Security Alerts, such as Failed Logins or Emergency Logins, can be viewed within the Security Alerts report. Security Alerts will also display at login to any User with the Notify of Security Alerts privilege.
- Encrypt Backups: Backups can be secured by using the encrypt backup feature. Specify a password in MacPractice Preferences under Server Backups. This password will be required to restore any backups.
- The HIPAA Button: The small H button on the bottom left of the MacPractice window will hide the names of patients within the Scheduling ability. In other abilities, it will lock the screen and require a password to log back in.
- Emergency Password: The Emergency Password grants non-administrative Users temporary administrative access to MacPractice in the event of an emergency.
- MacPractice Security Password: The MacPractice Security Password is created during the installation process and is required each time the MacPractice Server is restarted.
- Stolen Computer: The MacPractice Server computer should always be kept in a locked room. If a MacPractice Server or MacPractice Terminal is stolen, the measures in this guide should be taken.
- Protocols and Ciphers: The Protocols and Ciphers guide lists ciphers, protocols, and algorithm information for MacPractice.
- Server Certificate Authentication: In MacPractice versions 4.2+, a Certificate SHA1 fingerprint can be used to verify the identity of a Server. MacPractice recommends purchasing a signed SSL Certificate from a Certificate Authority.
- Mac OS X Security Recommendations: Beyond MacPractice software security features, MacPractice suggests using Mac OS X security features at the operating system level.