Vicki
New Member
Hello all! This is my first question at Chandoo, and I want to begin by saying thank you for the opportunity, and also thank you for all of the amazing things you do here. I've subscribed for over a year now, and - everyone here! - has taught me so many things, for which I'm eternally grateful.
I am a data analyst in the medical field. I spend 100% of my day playing with Excel and Access, and I love it! But, I've been wondering if anyone knows of any good guidelines when it comes to Excel Security Best Practices.
Because of the nature of the department I work in, I am required to create and distribute reports in Excel 2007 that contain HIPAA privileged data. We are very cautious about disseminating this data, sending only what absolutely needs to be delivered in order for the receiver to be able to perform his/her job. But, I am wondering if there is more that I could be doing to protect this data? So far, the security I employ is:
- Distributing the minimum amount of data, to only the person concerned (macros that email directly to a single recipient)
- Encrypting the files with a password (created by the person running the routine)
- Passwords are delivered separately from the data
- Data is never saved on the local machine - only on the server
Is there anything else that I could be doing? Keeping in mind that I am not the head of IT - I don't make the decisions regarding methods, equipment, software, etc.
Is there an existing resource for these kinds of questions? I have googled this question many times in many ways, yet have not found an answer. Does that mean there isn't one?
Thank you for your attention to my questions!
I am a data analyst in the medical field. I spend 100% of my day playing with Excel and Access, and I love it! But, I've been wondering if anyone knows of any good guidelines when it comes to Excel Security Best Practices.
Because of the nature of the department I work in, I am required to create and distribute reports in Excel 2007 that contain HIPAA privileged data. We are very cautious about disseminating this data, sending only what absolutely needs to be delivered in order for the receiver to be able to perform his/her job. But, I am wondering if there is more that I could be doing to protect this data? So far, the security I employ is:
- Distributing the minimum amount of data, to only the person concerned (macros that email directly to a single recipient)
- Encrypting the files with a password (created by the person running the routine)
- Passwords are delivered separately from the data
- Data is never saved on the local machine - only on the server
Is there anything else that I could be doing? Keeping in mind that I am not the head of IT - I don't make the decisions regarding methods, equipment, software, etc.
Is there an existing resource for these kinds of questions? I have googled this question many times in many ways, yet have not found an answer. Does that mean there isn't one?
Thank you for your attention to my questions!
