Information & White Papers

Buying Guide

As mentioned in the Overview, we have a Buying Guide which will guide you through the basics of what to look for when buying your very first dental practice system. It contains information that may well be useful even if you already have one; it never hurts to be reminded of key points to look for, so download it and have a look.

There are other key areas that you should also be at least aware of so we have some basic advice and links to other more detailed information for each topic.

You should also ensure your employees' employment contracts cover these topics, so that staff take some responsibility for their actions and comply with best practice, helping to avoid problems with your system and the data held on it.

It may all seem rather overkill for a dental practice, but if at some time you do have a problem without having taken even basic precautions, you will really wish you had; unfortunately this is the world we now live in.


Wireless Technology - how to remain secure when offering your patients and staff Wi-Fi access

Whatever your business, and particularly for dental practices, the security of your computer system is absolutely vital.

If you need a wireless network in any business for general non-business use by employees or customers, you should always have it completely separate to your business network. You can never assume that nobody will have malicious intent, so make it a priority to keep all business information private and contained, away from prying eyes.

This can be done by having a separate wireless LAN (Local Area Network), and many modern broadband routers have two channels allowing you to give access without compromising your business.

We would always recommend having your 'public' network password protected, with the password given out only as needed, so that it cannot be connected to by anyone just passing by.

You should also restrict the use of the Internet on your main network, and WYSdom can help you do this through the settings available on your system.

Draytek are manufacturers of business-level broadband routers and have a white paper covering this and other security topics that you may find useful. It is titled Security White Paper Router Operation – Best Practice.

BYOD - Bring Your Own Device - how to manage the use of your staff's own mobile phones and tablets

It is common practice that employees can use Wi-Fi at work. If they connect at all to your business network with their devices, then your system and the data held on it are potentially compromised.

Dental practices in particular keep very sensitive data on their patients, and therefore security is even more critical. It is up to the practice owners to ensure that they do all they can to protect that data, under what can be quite difficult circumstances at times. Be aware and be warned: it will only get more pervasive.

There are various sources that can give you much more information to help you; the ICO has a good document, and there is also a government one which can be useful.

Security - how to reduce the chance of infections on your system

Internet and Email Security

In reality there is no absolutely secure network. But at the same time there are many obvious things you should do and not do that will, in conjunction with good anti-virus software, keep you as secure as you can be.

The list below is just the basics that you should adhere to; you should make a point of understanding the subject to a reasonable level for your business's safety.

Do’s

  • Do carry out regular Windows updates.
  • Do check that your anti-virus software is up-to-date. It is your responsibility to ensure that these updates are run on every computer. Failure to do so could result in operational or security failings.
  • Only use the Internet for work-related browsing on known safe sites. Many anti-virus products put a green tick beside safe sites in your search engine.

Don’ts

  • NEVER respond to any pop-up window that informs you that your PC is infected, however much it looks like a legitimate Microsoft Windows warning or software message. Close the window immediately.
  • Do not download or run anything that pops up when you are browsing the Internet.
  • Do not open any email attachment unless you are sure that it is a valid document and that you were expecting it, even if the email advises you that a courier service was unable to deliver a parcel.
  • Do not click on any links to web sites within an email that you were not expecting.
  • Do not respond to any email that purports to come from a bank, credit card company, social networking site, etc. that asks for any details or confirmation regarding your account and login details. Your bank will never email you asking you for details about your account.
  • Do not carry out any instructions sent by email to update or fix any application or Windows file. Windows have a standard update procedure that notifies you via a yellow shield on your task bar. They WILL NOT email you.
  • Avoid social networking sites. Use your work computer for work purposes. Home computers are the place for personal emails and social networking.
  • Do not use files from a USB memory stick that has been used to copy files from another computer unless it has been virus scanned first.
  • Do not be tempted to visit a web site to download something that is ‘free’, including music, films, etc. Do not enter your work email address into such sites.
  • Do not load any software on your practice computer that is not approved; this includes Explorer/Yahoo toolbars and ‘funny’ icons for use in email.
  • Do not respond to ‘chain’ emails, e.g. an email that states a virus is about to delete all your files and you must email this information on to everyone you know. It is a hoax; delete the email immediately.

There is a page on the Microsoft site with a lot of information you may find useful.

Data Protection & Compliance - best practice on keeping your data from prying eyes

Data Protection is seen as a very big deal nowadays with even very large corporations suffering from hackers downloading customer data on a daily basis so it is important that you do whatever you can to keep your data secure.

This is covered in law by the Data Protection Act. Its key principles, and how they apply to the handling of information in your organisation, are as follows:

Key principles:

  • Information may only be used for the specific purposes for which it was collected.
  • Information must not be disclosed to other parties without the consent of the individual whom it is about, unless there is legislation or other overriding legitimate reason to share the information (for example, the prevention or detection of crime). It is an offence for other parties to obtain this personal data without authorisation.
  • Individuals have a right of access to the information held about them, subject to certain exceptions (for example, information held for the prevention or detection of crime).
  • Personal information may be kept for no longer than is necessary and must be kept up to date.
  • Personal information may not be sent outside the European Economic Area unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data.
  • Subject to some exceptions for organisations that only do very simple processing, and for domestic use, all entities that process personal information must register with the Information Commissioner's Office.
  • Entities holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organisational measures (such as staff training).
  • Subjects have the right to have factually incorrect information corrected (note: this does not extend to matters of opinion).

Guiding principles:

In addition, all organisations dealing with personal information must adhere to the values of:

  1. Transparency – individuals should have a clear and unambiguous understanding of why their personal data is being collected and for what purpose it will be used.
  2. Consent – individuals must give their consent at the time their information is collected, with the opportunity to opt out of any further uses of this information.

For more information there is a useful overview from the ICO (Information Commissioner's Office), or go to the ICO website.
