The Reason Why HIPAA Compliant Databases Are Much More Protected
24 April 2011 by Leslie
When it comes to medical records and information management, you must know that any setup in any medical establishment offering services should be compliant with HIPAA, the Health Insurance Portability and Accountability Act of 1996. The guidelines and safety standards enumerated therein apply not only to physical records management but to the software too. Therefore you must always check the software for compliance with the Act.
The software has built-in security that makes unauthorized entry into the database difficult. Most products use SSL (Secure Sockets Layer). Unless a user is authorized, he or she cannot access the database to store, retrieve, or even modify any data. More importantly, the software keeps a log of all access attempts by users, so traceability can be established.
The other feature that makes the software highly secure is that the databases are encrypted. When a database is encrypted, the data and information stored in it have been converted into a unique code which cannot be deciphered by unauthorized persons.
Access control through passwords and multi-level access controls is another feature that makes the database safe from hacking. The administrators set the passwords for 30 days, and they expire after this period. The system may generate new passwords automatically or leave it to the users to change their passwords, thereby ensuring that any unauthorized person who has gained access to a user's password is not able to access the system.
Every HIPAA-compliant software product comes with a provision for session timeouts. This prevents the system from displaying data unless somebody is working, thus blocking passersby from reading what is on the screen.
The timeout limit can be set by the administrator of the system depending upon where the system is located. If the system is in a private area where no unauthorized persons have entry, then the session timeout can be set to a longer period.
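The controls described above (30-day password expiry, a location-dependent session timeout, and a log of every access attempt) can be combined into one access check. This is an added example, not code from any HIPAA product; the timeout values, the `Session` fields, and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

PASSWORD_MAX_AGE = timedelta(days=30)  # expiry period given in the article
# Assumed timeouts: the article only says private areas may use a longer one.
IDLE_TIMEOUT = {"public": timedelta(minutes=2), "private": timedelta(minutes=15)}
STRICTEST = min(IDLE_TIMEOUT.values())  # unknown locations fail closed


@dataclass
class Session:
    user: str
    location: str          # where the workstation sits: "public" or "private"
    password_set: datetime
    last_activity: datetime


def check_access(session, now, audit_trail):
    """Decide whether a request may proceed; record every attempt."""
    timeout = IDLE_TIMEOUT.get(session.location, STRICTEST)
    if now - session.password_set >= PASSWORD_MAX_AGE:
        reason = "password_expired"
    elif now - session.last_activity >= timeout:
        reason = "session_timed_out"
    else:
        reason = "ok"
        session.last_activity = now  # activity resets the idle clock
    # Denied attempts are logged too, so access stays traceable.
    audit_trail.append((now.isoformat(), session.user, session.location, reason))
    return reason == "ok"


def demo():
    """Constructed sample data: three users, one request each at `now`."""
    now = datetime(2011, 4, 24, 9, 0)
    trail = []
    sessions = [
        Session("nurse_a", "public", now - timedelta(days=3), now - timedelta(minutes=5)),
        Session("clerk_b", "private", now - timedelta(days=3), now - timedelta(minutes=5)),
        Session("admin_c", "private", now - timedelta(days=31), now - timedelta(minutes=1)),
    ]
    results = [check_access(s, now, trail) for s in sessions]
    return results, trail


if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```

The same five minutes of inactivity ends the session on the public workstation but not on the private one, and the expired password is refused even though that session is active.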
Thus the software is made hacker-proof by using multi-level security, including access control, the timeout feature, and encryption of data, as well as SSL. With these in place, the patient's data and medical records are safe and cannot be accessed by unauthorized persons.
Besides system security, physical security has to be maintained on the premises through access control as well as visual supervision. Moreover, the system can have enhanced security in place so that it shuts down if any unauthorized entry is attempted.