Control Authorized Access in Health Care Systems
The Health industry makes use of Information Technology for operational and strategic purposes. Increasing cost pressures have seen more outsourcing of external system administrators that help maintain health systems. It is therefore paramount to control such authorized access as private and valuable medical information can be viewed or leaked from an organization.
Benefits for YOUR IT Infrastructure using TBS Backplane Service
- Increased Control of System Administrator and Server Provider Access
- Improved Cooperation
- Concrete Visual Evidence
- VideoLog Recordings Aid Rapid Problem Resolutions
- Ensure Compliance with Company Policies
- HIPAA, SOX & COBIT Compliant
Our solution will prevent system administrators from accessing private medical data and help management reassure the public that their medical information will be kept secure and confidential. System administrators will be given restrictions on when, how long and in which areas they can access the IT infrastructure.
Our VideoLog technology provides evidence as to whether any confidential lab results or patient medical records have been accessed by employees or system administrators. Our solution provides the proof of the steps carried out by users and the people in charge of maintaining and operating your IT network by means of digital film.
In addition to Sarbanes-Oxley Act, COBIT and HIPAA, our solution also helps meet the requirements of the World Health Organisation (WHO) in the need to “formulate cost-effective eHealth strategies reflecting principles of confidentiality of information, privacy, equity and equality”. VideoLogs and uploaded / downloaded files are stored in a sustainable format – including the date, time and the name of the operator. This enables you to reconstruct and, even more importantly, prove who downloaded or executed which files when.
Don´t Become a Statistic
“A former computer systems administrator for Medco Health Solutions, Inc. pleaded guilty to planting a “logic bomb” in Medco’s computer systems that was designed to wipe out critical data stored on more than 70 servers. Andy Lin, 51 modified existing computer code and added additional code designed to wipe out computer servers on Medco’s network. Among the databases operated from the affected servers was a patient-specific drug interaction conflict database known as the Drug Utilization Review (DUR).”
United States Department of Justice U.S. Attorney, District of New Jersey September 19, 2007