Sign up

Webmedy Blog

< Back to the Blog

Security controls needed for a secure EHR application

August 21, 2019 - by Webmedy team


Deterrent controls

These controls are intended to reduce attacks. These should include warnings and signs informing potential attackers that there will be adverse consequences for them if they proceed - such as legal action etc. These controls reduce security threats.

Detective controls

These controls detect and react to security incidents. These controls include monitoring system wide events, detecting intrusions by matching events against attack patterns, etc.

Data Protection controls

Data, both in transit and at rest, needs to be protected. Critical patient information needs to be stored in encrypted form and transmitted in secure connections such as SSL/TLS. The secure connection needs be end-to-end. Data backups also need to be stored in encrypted form.

Corrective controls

Corrective controls correct the security breaches and aim at limiting the damage. These include restoring data from a backup in the event of data loss or corruption, blocking users from access to the system that are suspicious, changing encryption keys and passwords, etc.

Preventive controls

These controls prevent security breaches. These include authentication and authorization mechanisms and removing software and system vulnerabilities against known attacks.

Featured Posts


Seeing is Believing.

Sign up for a free account and start your trial.

No payment information required.

Contact Us


Ardinia Systems Pvt. Ltd.
C 15, C Block Road, C Block,
Sector 65, Noida, U.P 201301, India.
+91-120-4974855
info@ardinia.com
© 2020 Ardinia Systems Pvt Ltd. All rights reserved.
Privacy Policy|Terms of Use
Webmedy is a product from Ardinia Systems.