| To Anyone that can help, I would like to know how other Hospitals are handling the security of their clinical computer equipment. Our main HIS was recently updated before the April deadline to accommodate the HIPAA regs (ability to mark patient's confidential, individual log-ins, audit trail, etc) but from the looks of things - nothing has been done to our clinical computer monitoring systems. We use GE computer systems for our MRI, Cat Scan, and Nuclear Medicine departments - the system has a password upon entry into the system, but not individual log-ins. It is not possible to tell who did what. We recently had problems with someone "messing" with our Nuclear Medicine computer - so we installed locks on all the doors and secured the room (which is always supposed to be manned - but of course it isn't!). I have a call into the Chief Privacy Officer at GE - hasn't returned it yet. We also use a cardiac monitoring system by Phillips (Agilent Technologies) - it is Internet based - Doc's can get into the system (they each have their own log-in) and monitor the cardiac activity of the patient's in ICU, CCU, telemitry and ER. My problem with this is that any Doc can see any patient, not just their own. Isn't that a no no? They can't edit or make changes, just view. Does anyone have any specific references for this? Any help would be appreciated. Thanks. Cecelia Sheridan, HIPAA Privacy/Security Officer Southampton Hospital 240 Meeting House La Southampton, NY 11968 (631) 726-8576 [EMAIL PROTECTED] CONFIDENTIAL COMMUNICATION THIS TRANSMISSION IS INTENDED ONLY FOR THE INDIVIDUAL OR ENTITY TO WHICH IT IS ADDRESSED AND CONTAINS INFORMATION THAT IS CONFIDENTIAL. IF YOU HAVE RECEIVED THIS COMMUNICATION IN ERROR, PLEASE DESTROY THE EMAILED MATERIAL AND CONTACT THE SENDER IMMEDIATELY AT SOUTHAMPTON HOSPITAL (631)726-8576. THANK YOU. |
<<inline: Classic White.jpg>>
--- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-security as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
