5. Install and Maintain Anti-Virus Software

 

 

The primary way that attackers compromise computers in the small office is through viruses and similar code that exploits vulnerabilities on the machine. These vulnerabilities are ubiquitous due to the nature of the computing environment. Even a computer that has all of the latest security updates to its operating system and applications may still be at risk because of previously undetected flaws. In addition, computers can become infected by seemingly innocent outside sources such as CDs, email, flash drives, and web downloads. Therefore, it is important to use a product that provides continuously updated protection. Anti-virus software is widely available, well-tested to be reliable, and costs relatively little.

 

After implementation of EHRs, it is important to keep anti-virus software up-to-date. Anti-virus products require regular updates from the vendor in order to protect against the newest computer viruses and malware. Most anti-virus software automatically generates reminders about these updates, and many are configurable to allow for automated updating.

 

Without anti-virus software, data may be stolen, destroyed, or defaced, and attackers could take control of the machine.

 

How can users recognize a computer virus infection?

 

Some typical symptoms of an infected computer include:

 

• System will not start normally (e.g., “blue screen of death”)

 

• System repeatedly crashes for no obvious reason

 

• Internet browser goes to unwanted web pages

 

• Anti-virus software does not appear to be working

 

• Many unwanted advertisements pop up on the screen

 

• The user cannot control the mouse/pointer

 

 

Download Anti-Virus Checklist 6

 

5 http://healthit.gov/sites/default/files/Firewall Checklist.pdf

6 http://healthit.gov/sites/default/files/Anti-Virus Checklist.pdf

 

Anti-Virus Checklist

 Policies are in place requiring use of anti-virus software.

 All staff members understand and agree that they shall not hinder the operation of anti-virus software.

 All staff members know how to recognize possible symptoms of viruses or malware on their computers.

 All staff members know what to do to avoid virus/malware infections.

 Anti-virus software is installed and operating effectively on each computer in compliance with manufacturer recommendations.

 Anti-virus software is set up to allow automatic updates from the manufacturer.

 Anti-virus software is fully up-to-date according to manufacturer’s standards.

 Handheld or mobile devices that support anti-virus software have the software installed and operating.