Introduction
HIPAA requires all endpoints accessing sensitive data to have updated anti-virus software. Anti-virus software safeguards computers from malware by promptly detecting and removing potentially unsafe files from computers. In some cases they can also be wrong and this create issues for software vendors. It is extremely important to make sure your anti-malware solution is both compatible with The Sammy Systems and configured properly. Failure to properly configure your anti-virus will cause instability and performance issues on your workstation and/or server.
There are many compatible anti-virus solutions and clients should discuss with their IT professionals the best option for their company. In the past, Sammy customers have used Trend Micro successfully, however, changes made to Anti-Virus products, made by the Anti-Virus companies, may break compatibility with SammyEHR at any time and negatively affect our application.
Configuration requirements for Sammy are that the Anti-Virus system used is capable of configuring real-time exclusions for entire folders and mapped drives.
Windows 10 comes with Windows Defender built in and enabled by default. Windows Defender is not compatible with the Sammy Systems as it falsely removes valid Sammy applications even with exclusions configured properly.
Configuration of Anti-Virus Settings
Sammy consists of two primary components, data locations and applications. You must exclude both the Sammy application and its data location from all real-time scans.
Please review the following table for the paths to add to the exclusions for Real-Time scanning in your installed anti-malware solution. Some folders may not exist based on your current configuration, operating system architecture, and which level of Sammy you have. It is important to configure your anti-malware for all of the folders which do exist.
Application |
Paths |
Location |
Description |
|---|---|---|---|
| SammyEHR | C:\SammyEHR C:\SammyEHR# E:\SammyData C:\Program Files (x86)\ICS Software\ S:\ |
Workstation Server Server Server Workstation |
SammyEHR application path SammyEHR application path for remote users SammyEHR data location SammyEHR Services Mapped network drive for SammyData. Consult your IT for correct drive |
| SammyUSA | C:\Sammy C:\Sammy# C:\Program files\Sammy\ C:\Program Files (x86)\Sammy\ S:\ |
Workstation Server Workstation Workstation Workstation |
SammyUSA application path 64-bit OS SammyUSA application path for remote users SammyUSA application path 32-bit OS SammyUSA application path for 64-bit OS Mapped network drive for SammyData. Consult your IT for correct drive letter |
| SimpleSam | C:\Sammy C:\Program files\Sammy\ C:\Program Files (x86)\Sammy\ C:\SIMPSAMDATA |
Workstation Workstation Workstation Workstation |
SimpleSam application path for 64-bit OS SimpleSam application path for 32-bit OS SimpleSam application path for 64-bit OS SimpleSam data location |
Firewall Configuration
Detailed firewall configuration can be found here: https://help.icssoftware.net/questions/95261-Web-addresses-and-Ports-Required-for-the-Sammy-Systems
All applications in the application path must be allowed network connectivity.
On SammyEHR database servers port 3306 must be allowed inbound to the server on your local network. Do NOT allow port 3306 inbound from the internet. THis is only to allow endpoints to access the database while Windows firewall is enabled on the server.