Accessing Your HMS Data from Outside the Practice Safely

Arun Joseph VargheseArun Joseph Varghese on November 21, 2021

Hospital management systems are a key component of hospital operations. They help hospital staff keep track of patient information and hospital supplies, make schedules, generate reports about hospital performance, and more. 

But there's one problem. Most hospital management systems are locally hosted applications and cannot be directly accessed from outside the practice. In this blog post, we will discuss how to securely connect to your hospital management system remotely. 

There are two ways of doing this, with a VPN or without one. A remote-access VPN is your most secure option, but it also comes at a much higher cost than going without one.  

It enables you to access your HMS from a public space outside your practice by creating a tunnel between the HMS network and your system. You don't have to worry about the data being tampered with because the traffic is encrypted, thereby making it unintelligible to anyone else.

However, most hospitals wouldn't want to spend an extra amount on costly VPN services. Fortunately, there are alternative solutions. 

If you don't want to go with a VPN, simply can't afford it, or if your hospital management system provider does not offer this service,  there are other alternatives that allow remote access without compromising on security.


SASE (Secure Access Service Edge) is a process of creating persistent, secure tunnels between hospital management networks and remote HMS users. 

Users can securely secure shell (SSH) into hospital management systems despite firewalls because it uses an invisible tunnel technology that is encrypted end-to-end. It secures the data flowing back and forth for much faster data transfer, which is perfect when you need to download large amounts of information in shorter periods. 

The connection also creates a persistent link to the hospital network. This means that connections are quick once they've been established, which helps make up for slow or intermittent internet connections in public spaces outside your practice.

Finally, SASE provides an extra layer of protection against man-in-the-middle attacks, replay attacks, and session hijacking for hospital management systems.

SASE uses a different, more secure tunneling protocol from a VPN that does not require users to set up and maintain the connection. This is important because hospital management systems can be hard to manage and can generate large amounts of data very quickly, which means you don't have the time to use complex connections for hospital management systems. 

The SASE VPN is also much cheaper than a standard VPN service, costing just about $0.21 per user per day when billed annually.

The only drawback of SASE is that it requires the hospital management system to support SSH connections. However, most modern hospital management systems are compatible with this type of connection.

2. SSH tunneling

SSH tunneling is a technique that allows you to establish an encrypted connection between hospital management systems and remote users over the internet, which will help secure data transfer from outside of your practice. 

The hospital network acts as a relay for the tunnel, allowing the user to access it securely through their browser or terminal. SSH tunneling is not as secure as SASE because the HMS is hosted on the hospital network, which means that it can be accessed by hospital staff or hackers.  

However, SSH tunneling has other benefits. It does not require you to manage a server and requires only standard web browser access for setup. This makes hospital management systems much more accessible and compatible even if you’re not as tech-savvy. 

It is also a cheaper option than SASE, costing only $0.05 per user per day when billed annually!

The main drawback of SSH tunneling is that it can cause slow performance in hospital management systems because the connection is exposed to the public internet. However, this is only a problem if the HMS is hosted on an external server or remote location.

3. Port forwarding

Port forwarding is a process that allows you to securely access the HMS through public or private networks via the internet by sending packets of data back and forth between hospital management systems and your system. 

When port forwarding is enabled, you can set up different ports for incoming and outgoing connections depending on what type of remote access your hospital management system supports. You can also enable port forwarding with SASE or SSH tunneling if your hospital does not support it.

The main benefit of using port forwarding is the cost. It's free! It can save you money as well as time because no new software needs to be installed on hospital computers, which means they'll have more protection against hackers and malware attacks. 

With port forwarding, the HMS is protected as the local hospital computers authenticate incoming packets of data from hospital staff.

The main drawback is that port forwarding requires hospital computers to be connected directly to the internet, which means they're vulnerable to attacks through public networks. 

However, you can prevent this by installing a firewall on your hospital's network and configuring it to block all traffic except hospital management system data. You can also use port forwarding in combination with SASE or SSH tunneling for better security.

4. Reverse shell connections

Most hospital management systems cannot be accessed over the internet without some sort of remote access software. 

Reverse shell connections allow you to remotely access hospital information from a hospital laptop, tablet, or smartphone without needing to be physically present on the hospital network. 

You send a request to the hospital laptop or tablet saying that a reverse shell connection be established with the hospital and they respond by establishing the connection and waiting for instructions.

Whichever remote access option you choose, you always need a good hospital management system to go with it. Insta’s hospital management system is the best choice for anyone looking for efficiency and security in their HMS. 

Insta supports multi-factor authentication methods with the option of defining password protection policies. Insta’s role-based access control definitions ensure that users have the necessary authorization to specific actions and screens.

Want to know more? Click here to book a free demo.

Recent Posts


November 21, 2021


November 21, 2021