by November 29th, 2011on
Ever have one of those mornings where you enter your password 4-5 times before getting it right? Ever enter every possible iteration of your password and still fail to unlock a store of data you only seldom access? Imagine being in that situation while trying to provide life saving treatment in a busy medical setting. In the everyday world of a clinician, a patient’s trip to the hospital often prompts a reactionary call to the IT help desk in search of that ever elusive password.
In order to help clinicians make more informed decisions and increase the quality of care, healthcare data has gone electronic. With this increased access to health information, many healthcare organizations feel unprepared to protect patient privacy and secure data. In fact, a number one compliant of clinicians is having to remember multiple passwords in order to protect health information from prying eyes.
Securing the Most Private of All Data
Open to the public 24/7, and being the keeper of the most private of all data, healthcare organizations are unlike any other in terms of security challenges. A doctor cannot expect a patient to openly disclose private information if that patient fears that they may be harmed by that disclosure. Any information withheld out of fear can have a dramatic impact on the care received. It is easy to understand why one may feel tempted to leave a data source open for ease of access. This risk increases when multiple sources of data require different log in credentials. While no one questions the importance of privacy in the practice of medicine, human error and inside data breaches are the most common sources of data security troubles for a healthcare organization.
A Difficult Problem with a Simple Solution
The answer is not to create a policy promising 30 lashes for each unlocked workstation. The answer is to make securing data easier on busy clinicians. For many the increasingly common answer is single sign-on technology (SSO). With SSO, a clinician is given a single set of log in credentials to all applications they are authorized to view. SSO also provides clinicians with self-service password reset, which lessens the burden on an already taxed IT department and increases a clinician’s EHR experience at the same time.
When it comes to protecting workstations, Microsoft’s Vergence is one example of a healthcare specific SSO solution. With Vergence, healthcare organizations can minimize time-consuming and error-prone activities that clinicians attempt to hurdle while accessing patient records. With fast user switching that is role-based, clinicians can easily share workstations without compromising the most private of all data. One of my favorite features is context management, which allows clinicians to select the patient of interest once, in any application, in order to tune all applications to the same patient, which saves time and minimizes the risk of mixing patient data. A drop-down list of recently viewed patients can also be used for selecting a patient’s record for viewing across multiple applications. The built-in privacy auditor can also be used to provide a centralized audit capability that tracks access to each patient’s records, which will make the CFO breath easier as well.