The concerns as I understand them are around privacy and tracking who can and has accessed private patient information. Some companies get past that by logging each time a record is viewed and certain fields have been modified. Others create separate fields for sensitive information, and password protect the fields. Lots of ways to skin that cat.
Rick On Jul 22, 2011 9:09 AM, "Shane Buchholz" <sha...@samhealth.org> wrote: > I have had a request from our security officer to find out if there are any specific security concerns we should be aware of in relation to processing Incident tickets in a healthcare environment. I think he is specifically looking at the Summary, Notes and Work Info data that could be entered by the Service Desk or any of the Technicians/Analysts. If anyone from the healthcare industry has some insight they could share I would appreciate it. I apologize for not being able to be detailed in the request, but this was presented to me as a hypothetical so I don't have much to go on. > > ARS 7.5 > ITSM 7.6 > Windows Server 2008 (64-bit) > SQL 2005 > > Thanks, > > Shane Buchholz > Systems Analyst II - Remedy > I.S. Business Operations > Samaritan Health Services > > ________________________________ > Confidentiality Notice: This e-mail message, including any attachments, is > for the sole use of the intended recipient(s) and may contain confidential > and privileged information. Any unauthorized review, use, disclosure or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
