Configuring Electronic Health Records: Privacy and Security in the US Discussion Questions with Expected Outcomes

chainbirdinhandΑσφάλεια

23 Φεβ 2014 (πριν από 3 χρόνια και 3 μήνες)

74 εμφανίσεις



Health IT Workforce Curriculum

Configuring Electronic Health Records

1

Version 3.0
/
Spring 2012

Privacy and Security in the US



This material (Comp
11
_Unit
7
) was developed by Oregon Health and Science Unive
rsity, funded by the Department of Health and
Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000015.


Configuring Electronic Health Records
:
Privacy and Security in the US


Discussion Questions

with Expected Outcomes


Discussion questions (for individual assignments or small group discussion):


1.
Identify the

authentication policy for a small hospital
.

Yo
ur group has just been named as the team to define the authentication policy for a
small hospital. What do you recommend?


Expected Outcome:

There is no single correct answer. However, during the discussion the group should
consider multi
-
factor authent
ication, biometric authentication, passwords and the cost of
implementation, as well as users who infrequently access the system.

The group
should also consider the number of systems that require independent authentication.


If passwords are selected as p
art of the authentication policy,
the trade
-
offs between
strength and usability should be considered, and whether too strict a policy will result in
an inability for the users to remember passwords and any potential consequences, such
as artifacts and pass
word sharing.


The final policy should be detailed

enough to present to the instructor in the role of the
hospital’s chief information officer, and the group should be able to defend their choices
to the instructor.


Objective(s):
5

Lecture(s)/Slide(s):
d1
7
-
d25