1. You are still running Windows XP on some of your machines
Seriously? This is a bad thing, and you need to stop it. You probably need to reflect on your overall IT investment strategy, or go back to paper. Or a typewriter. At least they can't be hacked.
2. You're using just a router for your Internet connection
No dedicated firewall. This is fine for a home network (just about). Not for a business network really. Unless you're not worried about being hacked, or controlling or monitoring your Internet usage in any way. I'm sure your staff enjoy the free rein you're giving them to download just what they like!
3. Your cabling is a mess or badly installed
Or there aren't enough points. Or it was done by your electrician. Or your builder. Or the IT shop down the road. Or your mate. They might be cheaper than a proper network cabler, but the price you pay down the line will be reliability and performance.
4. You give your patients the same WiFi password that connects directly to your network
Oh dear. Why not just print out all your patient records and pin them on the waiting room wall?
5. Spinning wheel of death
Exact takes ages to move between patients. The computer takes ages to start up. The Internet is slow. None of this is inevitable. You don't have to put up with it. It can be fixed!
6. Workstation as Server
Your "server" machine isn't really a server, it's just a workstation pretending to be a server. Probably one of the reception machines. It doesn't have any of the security, reliability, or performance of a proper server. You wouldn't find this kind of setup in a GP surgery, even a small one. But if you think that's OK for your dental practice...
7. External hard drives for your backup strategy
You have a few of these for backup. Maybe 5 if you're lucky, one for each day of the week. You wouldn't see that in a GP surgery either. When was the last time you checked the data on them? Might be OK, but then again it might not.
8. Your logins are all generic
Surgery1, Reception, etc. This is not industry standard, and not ideal for various reasons (and the IG toolkit thinks so too - see Requirement 14.1-321 sections 3-4).
9. Your Windows password is Pa$$word or D3nt4l or Bison1 or something equally rubbish
These types of password, based around one dictionary word, even with letters changed or numbers added, take only seconds to crack. You might as well not bother having any password. Is your server admin one any better? #fail.
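The check below is an added example, not part of the original post: it flags passwords that collapse to a single dictionary word once look-alike characters are mapped back to letters and trailing digits or symbols are dropped. The wordlist is a constructed sample and the function names are hypothetical.

```python
import re

# Look-alike characters mapped back to the letter they usually stand for.
LEET = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "l", "3": "e",
                      "4": "a", "5": "s", "7": "t", "!": "i"})

# Constructed sample wordlist. A real check would load a full dictionary
# plus practice-specific terms (practice name, town, staff names).
SAMPLE_WORDS = {"password", "dental", "bison", "reception", "surgery"}


def candidates(password: str) -> set[str]:
    """Return the plain words this password may have been built from."""
    lowered = password.lower()
    # Drop digits and symbols tacked on the end ("Bison1" -> "bison").
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    # Undo letter substitutions on both forms ("d3nt4l" -> "dental").
    return {lowered.translate(LEET), stripped.translate(LEET)}


def is_dictionary_based(password: str, words=SAMPLE_WORDS) -> bool:
    """True if the password is one dictionary word in light disguise."""
    return any(c in words for c in candidates(password))


def audit(passwords: list[str], words=SAMPLE_WORDS) -> list[str]:
    """Return the passwords a policy check should reject."""
    return [p for p in passwords if is_dictionary_based(p, words)]


if __name__ == "__main__":
    # The three passwords named above, plus one constructed random string.
    for pw in ["Pa$$word", "D3nt4l", "Bison1", "tV9#qLm2xW"]:
        verdict = "reject" if is_dictionary_based(pw) else "no dictionary match"
        print(f"{pw}: {verdict}")
```

Passing this check only means the password is not a disguised entry from the wordlist supplied; it says nothing about length or reuse.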
10. Windows Updates
Your system isn't configured to install these automatically. Interesting. No lessons to be learnt from the NHS WannaCry ransomware attack then?
Last edited: 10 August 2017