Mac Mini + Server?

Discussion in 'Mac mini' started by Macinstache, Nov 5, 2014.

  1. Macinstache macrumors member

    Joined:
    Sep 16, 2013
    #1
    I am starting my own small medical office. I need to save my electronic health records and plan to have 2 computers in the office. A lot of these all-in-one medical softwares cost a fortune.

    I plan to use my Macbook Pro as my computer. If I get a Mac Mini for the reception desk could I install Mac OS Server and use it as a local server which holds all patient contact, schedule etc between the 2 computers?
     
  2. bplein macrumors 6502

    bplein

    Joined:
    Jul 21, 2007
    Location:
    Austin, TX USA
    #2
    If all you need is file sharing, you don't need the Mac Server app.

    I am more interested in Security: What country are you located in?

    No matter where you are, you should appropriately safeguard your patient data. In the US, there are HIPPA guidelines and laws to follow. So whatever you do, make sure your software vendor supports your environment, and that you can properly secure the customer data.

    By itself, without some deeper knowledge of how to secure your data, the Mac mini would be easy to steal and then they'd have access to the data. So you should apply both physical as well as data security techniques to protect the data.

    For example (btw, I am not a security professional, my response will elicit a lot of debate here, and you should listen to it all and seek a professional if you aren't capable of deciphering it yourself):
    1) Lock the Mini to the desk. A cable lock is easy enough to cut through for a prepared person, but it will keep a janitor or a quick smash-and-grab from taking it.
    2) Use a dual-disk mini, and use FileVault to lock the second disk. Keep all of your patient data on the encrypted disk, nothing on the boot disk.
    3) Use strong passwords for logging into the Mini and your laptop.
    4) Back everything up daily to an external encrypted device, and take that device off site with you every day. Potentially use 2 external devices for backup, both encrypted, locking one in an onsite safe and keeping the second off site.
    5) Avoid using WiFi for access, use hard wired. If you must use WiFi, consider having the WiFi access outside your protected LAN, connect to WiFi, and then use a VPN to access the corporate LAN to get access to the mini.

    There are a lot more things. Using the Mac as a server is the easy part. Doing it right in a medical environment is harder.
     
  3. cinealta macrumors 6502

    Joined:
    Dec 9, 2012
    #3
    You're going to keep confidential patient records on a Mac Mini? Is that even legal?
     
  4. MrX8503 macrumors 68020

    Joined:
    Sep 19, 2010
    #4
    Very good tips above. If you plan to remotely access the files you want to VPN into your Mac Mini
     
  5. cfedu macrumors 65816

    cfedu

    Joined:
    Mar 8, 2009
    Location:
    Toronto
    #5
    Do you think the cloud would be a better idea?
     
  6. JackieInCo macrumors 601

    Joined:
    Jul 18, 2013
    Location:
    Colorado
    #6
    Millions of companies keep records on their own computers. Of course it's legal. Why wouldn't it be?
     
  7. Macinstache thread starter macrumors member

    Joined:
    Sep 16, 2013
    #7
    Yes, starting this year it is a requirement that all medical records be electronic. This has cost clinics tons of money just scanning paper records into a system. Where they decide to store it, I don't know. I do know that most store them on local devices with multiple back ups and encryption, but surprisingly there are tons of cloud based medical information storage options.
     
  8. Macinstache thread starter macrumors member

    Joined:
    Sep 16, 2013
    #8
    United States.

    The reason I was thinking Mac Mini is because I am very comfortable trouble shooting Mac's. The current office I own I paid a company to come in and set up a secure network with 3 pcs and whenever I have an issue (every few months) I have to pay them again to troubleshoot/fix it.

    If I could set it up myself with a physically secure Mac Mini that backs up to a RAID? and encrypts the data, but lets me share files between Macbook Pro & Mac Mini I feel that I would be able to handle all troubleshooting.
     
  9. MrX8503 macrumors 68020

    Joined:
    Sep 19, 2010
    #9
    You could use RAID1 to mirror the drive, so you'll have 2 exact copies of every file. However RAID1 is not a complete backup solution because it doesn't protect you from file corruption nor accidental deletion. Along with RAID1, you need to use Time Machine to save file versions.
     
  10. skwash macrumors member

    Joined:
    Mar 19, 2012
    #10
    I think the Mac Mini would be fine. Like others have said, use FileVault to encrypt the drive. Also set it up to require a password when waking from the screensaver.

    My day job is with a cloud based practice management, and health records company. These law changes have caused a good number of headaches for us too. :)
     
  11. mmomega macrumors demi-god

    mmomega

    Joined:
    Dec 30, 2009
    Location:
    DFW, TX
    #11
    It is legal as long as no unauthorized person in or outside the clinic has access to them.

    I have several Mini's running in our clinic but I'm on a bit larger scale with multiple servers and backup solutions.
    The multiple backup solutions is a MUST if you're going full digital records, losing a couple years of patient records will be completely devastating to your practice.
    I'd suggest a minimum of 3 backups with at least 1 offsite in case of a disaster such as the building burning down.

    Also I would house records on a machine separate than one used daily by employee's. You wouldn't want one of them to accidentally crash the machine or that hard drive and ALL of your information is gone.

    Even getting 1 Mini to serve as a server, a 2nd for your front desk and your MBP for you.
    With the "Mini Server" doing an internal backup, an external backup, a cloud backup and possible an external drive that you can backup to weekly and take home so worst case scenario is you lose a couple days of updated files.

    and another tip: there are plenty of cloud based backup solutions that are hipaa compliant. Most of the one's that specify they are a medical records cloud solution will charge you 5-6x the cost and will be the exact same service located on the same servers. A lot of the medical backup cloud service will also charge an arm and a leg per GB while the others are per 10 or 100GB.
     
  12. cinealta macrumors 6502

    Joined:
    Dec 9, 2012
    #12
    Ok.
     
  13. Macinstache thread starter macrumors member

    Joined:
    Sep 16, 2013
    #13
    can anyone recommend a Mac Mini year model that I should look at. I'm sure I don't need the newest fastest version?
     
  14. yakman macrumors newbie

    Joined:
    Nov 11, 2012
    #14
    It is only a requirement if you want to collect the CMS meaningful use incentive, some of the older guys are still sticking to paper records
     

Share This Page