小丁：我觉得这些天大多数做法都有外部I.T.提供升级的提供者，他们的维护，他们的周边控制，他们的安全和东西。任何可以访问服务器，信息或设备的人都必须具有签署，密封和见证的机密性协议。这些需要定期更新。providers also need to be part of the training that takes place within the practice team, because even though they're not on-site a lot of the time, and they’re not actually clinical, they are a very integral part of your practice team. So ‘network perimeter controls’ are really important and it's important to understand what they are. So they’re what separates your private network, your practice, from the great outside… from the public. So they're not usually just one layer like a fence, they’re usually a multi-layered buffer zone a bit like a Babushka doll or onion skins with lots of layers around it. What it does, it actually traps and stops unwanted traffic in, so that Intruders can't get in and steal your information or look at it. But it also acts as a barrier to what can be taken out of your private network. So only stuff can be taken out when it’s adequately encrypted with certificates or identifiable. So it's a bit like the demilitarized zone, so it stops intruders coming in and it stops stuff escaping that you don't want to, and it's controllable. And one of the most important things is that you have to keep auditing it and do tests on it to make sure that the perimeter is still secure.
史蒂文：通常需要备份所有数据库的一般练习。需要进行一份副本，在需要时可用，并安全地存储。大多数一般实践都有一个数据库，它将在内部备份以及潜在的外部。因此，该备份的外部居住可以位于便携式硬盘驱动器（可以删除该件），或者它可以在另一台处于Off现场的计算机上，或者它可以在云中。云存储能够开发真正的最高安全性，允许数据本身安全，从而在其原始状态下随时保留和可用的信息。数据本身仍然由一般的做法拥有。云服务提供商刚刚这样做 - 它提供了存储数据的服务，它不拥有练习数据。