January 20, 2006

Database Administrator Security

Written by: John
Sign up to receive all the latest EMR, EHR, Simulus, and Healthcare IT Updates.
Filed under: add to del.icio.us

        

The Healthcare IT Guy gives some good food for thought when looking at your database administrator and the security of your database. Database administrators often have access to all of the medical information by looking directly at the database. This is often gone unaudited and unmanaged. As part of any HIPAA policy this issue should be addressed and documented. The best way I know how to do this is through implementing a strict policy with stiff penalties if it is ever breached. I think it would be hard to prove that they breached it, but at least it can insulate you from the “HIPAA police”. I’ll continue my research on the subject and post them here as I find them. Unfortunately, I expect that many of them will be database vendor specific.

More importantly, you should seriously consider who you’re hiring as your database administrator. They really have power to do all sorts of bad if they wanted.

Related Articles
  • Biometrics – Security, Password Change Policy
  • Shared Folder Security Snafu
  • Wireless Technology/Security
  • HIPAA Enforcement Security Rule Final Publish
  • EMR Security Problem

    • Look for similar articles under these categories: 

    No responses to "Database Administrator Security"

    Leave a Reply
    Commenting policy: Some comments run the risk of being deleted. These include comments that are spam or cannot be understood or are rude.
    You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
    Top - Home