I've been working with this practice software since 2015 and compared to everything else on offer, it was a revelation even then, especially for me as a Mac user. Since then, a lot has changed, in my opinion only for the better, and it often happened that I noticed small things that needed improvement and suddenly an update was installed. Lemniscus continues to develop, gets better and better, is grateful for constructive criticism, and for this reason alone it suits me and my practice so well. The support leaves nothing to be desired, the security of the data has top priority and the price-performance ratio is unbeatable. Modern medicine needs modern, professional software, so I am glad and grateful that Lemniscus exists!
We quote from the web:
According to Art. 24 para. 1 sentence 1 DSGVO, the Verantwortlichy, must implement appropriate technical and organizational measures to ensure that the processing of data complies with data protection. (These are the infamous "TOMS".) These must also be proven, which is why the list of TOMS is important.
Art. 32 DSGVO concretizes this obligation with regard to data security compliance. According to Art. 32 (1) GDPR, the controller is obliged, among other things, to take appropriate technical and organizational measures, depending on the probability of occurrence and severity of the risk, to ensure a level of protection appropriate to the risk.
The Bavarian State Office for Data Protection Supervision has published a checklist for medical facilities with test criteria. The interesting point is that two-factor security is generally considered necessary for medical data. In addition to classic passwords, other access factors are required to adequately protect particularly sensitive access points.
This applies in particular to the storage of patient data in the cloud. Many providers offer such two-factor authentication, but in some cases it must be activated by the user.