A company that supplies most doctors' surgeries with a vital piece of software for billing purposes sends out updates several times a year. These updates require an appointment to be made, and at the appointed time the supplied CD is placed in the drive, an internet connection is made, and the surgery logs on to the company's site and then activates PC Anywhere so that the supplying company can run the upgrade on all computers that use their software. In this way there are no errors in upgrading the software, which is used to bill Medicare in Australia and the HMOs in America. So far so good, as it requires very little expense by the software manufacturer to keep their product up to date.
But their software contains personal information like the names, addresses and phone numbers of patients, the dates that they attended appointments, what the appointment was for, any treatment performed, any illness that the person is suffering, etc.
Now how do you secure the computer from unauthorised access via PC Anywhere that could lead to massive legal claims being brought against the doctor's surgery by the lack of security of having PC Anywhere on a computer that holds this type of information?
Also, if this data were to be stolen there would be criminal action brought against the doctor's surgery for breaching privacy laws.
Anybody want to offer a solution to this problem?