Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Database Administrator Security

Posted on January 20, 2006 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The Healthcare IT Guy gives some good food for thought when looking at your database administrator and the security of your database. Database administrators often have access to all of the medical information by looking directly at the database. This is often gone unaudited and unmanaged. As part of any HIPAA policy this issue should be addressed and documented. The best way I know how to do this is through implementing a strict policy with stiff penalties if it is ever breached. I think it would be hard to prove that they breached it, but at least it can insulate you from the “HIPAA police”. I’ll continue my research on the subject and post them here as I find them. Unfortunately, I expect that many of them will be database vendor specific.

More importantly, you should seriously consider who you’re hiring as your database administrator. They really have power to do all sorts of bad if they wanted.

E-prescribing and Alerts

Posted on I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

One of the possible advantages of an EMR system is that you can have your EMR tell you of potential interactions between drugs prescribed to a patient or even Drugs that can’t be given because of certain allergies. This is a great feature, but there are cases where the suggestion needs to be ignored. How do you handle that in an EMR is an important question and what liability does a clinic have if a doctor decides to ignore it?

A recent article described a good study that was done and gave some good ideas. Here some important points I found from the study:

-Quality alerts will be used by Doctors, espescially when they are specific
-Doctors often have to ignore the alert since the patient needs the medication

I also really like how they did the study by forcing doctors to give a reason why they are ignoring the alert. I think that could significantly help with liability problems.