List three ways for risk prevention in an EHR

Restrict access
Determine who has access, and for what purpose
Use computer passwords, key cards, or biometric ID
Restrict copying functions
Place security mechanisms in contracts with outside computer service bureaus
Establish confidentiality agreements among network participants.
Address the potential for computer sabotage
Safeguard the use of laptop computers and personal digital assistants.