Time to dispel 10 myths that might be keeping you on the high-tech sideline when there is hardware to upgrade, software to add and other digital leaps to take.

1 You can save money with cheaper systems. Technology is expensive. And cheap technology will cost you even more. Whatever you might save by buying a cheaper computer system will usually be lost many times over during its lifespan because of technology do-overs and the cost of lost productivity due to poor performance. You don't necessarily need to be constantly buying the latest and greatest technology, but increased demands on storage and processing horsepower make it imperative that your system be designed for growth. If the core platform is robust and scalable, then over time you can add additional storage and memory, doubling or even tripling the lifespan and usability of your systems, with a modest 10 percent to 15 percent up-front premium. Other bad "money-saving" ideas: Sharing usernames to minimize software-licensing costs and taking a do-it-yourself approach (in IT as in medicine, some things should only be done by trained, skilled, certified professionals - whom we'll discuss next).

2 Any certified IT person will do. Unlike in medicine, where titles and certifications are fairly straightforward, the titles in IT can be very confusing. For example, a Microsoft Certified Professional need only take a single test - but a Microsoft Certified Systems Engineer designation requires an extensive course of study and a series of tests. Similarly, an IT company can become a Microsoft Registered Partner by merely registering on the company Web site, but becoming a Microsoft Certified Partner means meeting much stricter requirements, including having multiple MCSEs on staff.

3 All you need is a workstation and an Internet connection. This is a common misstatement from some vendors whose software is Web-based. While it may be true that their software can be accessed over the Net, it's over-simplifying to say that you don't need additional infrastructure components in your office. You must consider user security and authentication, firewall, networking gear, protected power and data backup for all applications in your office, not just the one being sold by a specific vendor. And to the extent that the software vendor houses your data, you are completely dependent on it.

4 WiFi is not HIPAA-compliant. As long as WiFi is secured and encrypted using one of several protocols to keep unauthorized users out of your system, it can be HIPAA-security-compliant. Unfortunately, the way most inexperienced IT people set up WiFi, it's not, and those who don't know how to set up a secured and encrypted wireless network merely say you can't achieve HIPAA compliance. Another WiFi myth: WiFi can replace traditional cabling (see "Going Wireless: 4 Issues to Consider" in the July 2006 issue for more on this). Another HIPAA myth: Any password-protected e-mail is HIPAA-compliant. Don't use Web-based e-mail, such as Yahoo or AOL; instead, implement your own e-mail that you can control and properly secure internally.

5 Online data backups are a good idea. The idea that your data is backed up every night in some secure data center resembling Fort Knox sounds good. But there are four serious problems with this:

• Speed. Just think of how long it takes to download a 5MB e-mail attachment. To transfer 80GB of data - or the size of a typical laptop hard drive - would take more than five days on a T1 circuit.
• Unpredictability. Hosting companies haven't had a good survivability record; it's rare to find one that's been around longer than 5 years.
• Lack of control. If you use a data center, you're putting one of your most valuable assets - your data - in someone else's total control. You should be taking precautions to ensure your staff doesn't leak information, but you're going to give a complete stranger unfettered access?
• Cost. For the cost of a few months of online storage, you could replicate your entire storage infrastructure, creating a complete secondary mirror of all your data, and all under your control. Online backup costs anywhere from $1 to $15 per month per gigabyte. You can buy your own data storage outright for about $1 per gigabyte or less. So after a few months you'd pay for the cost of entirely replicating your storage. And it would be under your control, not under someone else's control.

6 Your staff doesn't need training. Your staff is smarter than average and understands Windows very well. Who needs training? Consider that you typically use only 10 percent to 20 percent of a software package's functionality - and this is true not only of specialized software like scheduling and EMR, but also basic applications such as Word, Excel and even Windows itself. That means it's highly unlikely you and your staff are reaping the real benefits of the technology you buy. The more you spend on hardware and software, the more critical it is that you invest in training your staff to maximize that investment. Many studies show that user training has an ROI of 200 percent to 400 percent within 12 months.

7 You can create a bulletproof network. Sorry. No one has enough money - and no technology has yet been devised - that offers 100 percent uptime. Even major e-commerce Web sites, financial service systems and national TV networks (all of whom have massive technology budgets) suffer occasional downtime. Hire a skilled IT company to design your systems to address the major risks, such as power loss, equipment failure and user error, and have a formal disaster recovery plan to address inevitable failures.

8 You can eliminate spam and viruses. Unless you turn off your computer or disconnect it from the network permanently, you're going to have spam, viruses, spyware and adware to deal with. You can only reduce your risk of encountering these annoyances by implementing strong anti-spam software and the most robust anti-virus software systems available. In addition to up-front costs for annual subscriptions, be prepared to pay for and run updates.

Two cautions: It's easy to implement protections incorrectly, leading to a false sense of security, so have an expert do it. And some "free" anti-virus and related software are actually Trojan horses that open your system to remote attacks.

9 All you need to do is look for brand-name systems. Two computers with seemingly identical specifications from the same manufacturer can differ in price by 50 percent to 100 percent, leading you to assume (possibly incorrectly) that the cheaper unit is comparable and is therefore a better buy. Likewise, the more expensive unit may not necessarily be worth twice the money. Some national brand names have been sued for bait-and-switch tactics, and for "cramming" - adding on items that are not needed or that are overly expensive. (This is especially true for low-cost or "free" printers for which you'll have to buy very expensive cables or print cartridges later.) Again, the fix is to have someone who knows what he's talking about guide your IT process.

10 Microsoft systems aren't secure...we're getting Macs. This common misconception is fueled more by some very creative - and effective - marketing hype than by fact. It's true that Microsoft/Windows systems have more security issues, but that's because there are more than 10 times as many Windows systems in use than Apple systems. As Willie Sutton supposedly said, he robbed banks because that's where the money was. Well, Windows systems merely represent a bigger potential target for the bad guys.

Macs are fine for students, home-based businesses and people in the creative or visual arts, but they have a small market share because very few business applications are available for Macs, especially in health care. Further, they actually have worse security for networked systems and remote access. When you consider that 90 percent of the rest of the business world uses Microsoft systems, you realize that you need Microsoft-compatible software anyway. Leaving Windows for Mac because of security reasons is like switching to the Euro as your currency because virtually all bank thefts in America involve the dollar.

IT doesn't have to hurt
See, you don't have to know the details of FIPS-validated encryption algorithms to be tech savvy. You just need a solid foundation, and that starts with dispelling these 10 all-too-common myths. And remember, "Oh, I'm just not good with computers" is no longer an excuse.