How To Secure An EMR-Link System Architecture



Transcription:

EMR-Link Security Administration Guide

Introduction

This guide provides an overview of the security measures built into EMR-Link, and how your organization's security policies can be implemented with these mechanisms. All security settings are under control of the admin user(s) in your organization.

Security Overview

Secure Connections over the Internet

EMR-Link is a cloud-based service, running on Liaison servers in secure data centers. These data centers provide strong security to protect the system from unauthorized physical access as well as from unauthorized use over the Internet.

Users connect to EMR-Link using a secure SSL connection from a web browser. SSL is enabled automatically and requires no user action. Users authenticate with EMR-Link using a username and password.

System-to-system connections with EMR-Link, such as from an EHR or a lab system, are made over an encrypted communications channel. This may be SSL or may be a VPN or other mechanism, depending on the technical details of the system with which EMR-Link is connected. Authentication of both ends of the connection is done via a security key; usage depends on the details of the connection.

Security Infrastructure

At the EMR-Link data center, a series of firewalls insulates different parts of the system to provide multiple layers of security. Servers storing Protected Health Information are not directly accessible from the Internet, but only from the application servers and through the Liaison administrative VPN.

Customer Security Responsibilities

Managing security settings and user accounts is delegated to the customer organization, to allow implementation of customer-specific security policies. And because EMR-Link connects with and works in conjunction with the EHR, overall security depends on securing the EHR environment and the customer's networks and workstations, as well as proper use of security settings within EMR-Link.

The customer has these specific responsibilities:

- Configuring EMR-Link security settings in accordance with the customer's security policies.
- Creating user accounts and assigning appropriate permissions based on the user's role, and modification or termination of user accounts when responsibilities change.
- Monitoring the EMR-Link audit log for any unauthorized activity.

EMR-Link System Architecture 1 Last updated: 3/12/2015

EMR-Link Security Settings

Passwords

The first step in configuring security is to establish a password policy, to determine the complexity of passwords, when they expire, and how to handle login failures that may be evidence of attempts to gain unauthorized access to the system. The screenshot below shows the password settings.

- Password Expiration: this setting controls how long a given password can be used before it must be changed. Good password policy requires periodic password changes, to limit the usability of passwords that might have been compromised in the past.
- Password Requirements: these settings control how complex passwords must be. Complex passwords are more difficult to guess or to attack using brute force methods. The password reuse limit prevents a user from recycling the same small number of passwords, so that new passwords must be selected.
- Account Lockout: this setting helps delay attempts to guess a password, by limiting the number of attempts that can be made in a specific period of time. Since password guessing requires a large number of attempts, this feature can make password guessing infeasible. The user account is automatically unlocked after a period of time, or can be manually unlocked by an administrator.

Sessions

When a user logs in, a new user session is created. Automatic termination of idle sessions is important to help prevent unauthorized use of an unattended workstation.

There is also a setting to enable manual locking. This allows a user to lock their EMR-Link session when leaving their workstation, without logging out. The user will then need to re-enter their password to reactivate the session.

Other Security Settings

- Integrated Authentication: EMR-Link provides a mechanism to connect to the customer's own authentication system, such as Active Directory. This requires installing a redirection page on the customer's intranet server; EMR-Link Support can assist with configuring this.
- Mobile Settings: these settings control authentication from a mobile device, when using EMR-Link Mobile.
- Server Side View Authentication Settings: these settings control authentication for viewing server-side results via a URL from within the EMR.

Managing EMR-Link Users

Permissions and Roles

EMR-Link provides a set of permissions that can be assigned to a user login. Based on the user's permissions, certain features within EMR-Link are enabled or disabled. Users should be provided the minimum access consistent with their job requirements. In particular, there are two functional areas that should be carefully considered for each user:

- The need to access Protected Health Information;
- The need to be able to change EMR-Link settings.

Creating and Managing Users

User accounts are created from the Users navigation tab. When creating a new user account or modifying an existing account, the permission settings below are available.

The EMR-Link username must be globally unique across all EMR-Link users, so an email address is a good choice. The name field provides the name used in reports and on user screens. Phone is optional and is provided for information only. The email field must be populated; this field is used if a user needs to reset his/her own password.

A specific password can be entered and this is required when creating a new account. The Require Password Change checkbox should be checked for new user accounts or when an admin manually resets the password, to force the user to select a different password when they log in. There is also an option to manually unlock a locked account.

The user permissions for the account should be verified, and modified if needed. The permissions are as follows:

- Manage Users: allows viewing and modifying user accounts. Since this provides the ability to modify (i.e., increase) the permissions of users, it should be set only for admin users who specifically need to manage user accounts.
- View Users: allows visibility of the set of user accounts but not the ability to change them.
- Manage Config: allows an administrator to change EMR-Link settings. This should be reserved for a small number of users who are responsible for managing lab settings, insurance lists, test code maps, and other settings.
- View Config: allows only read access to settings. No editing is allowed.
- Manage Orders: allows a user to create and modify orders. This permission allows access to PHI associated with orders.
- View Orders: allows only read access to order data. PHI is visible, but no editing allowed.
- Manage Results: allows a user to view and manage result reports, including PHI associated with those documents.
- View Results: allows only read access to results data. PHI is visible, but no editing allowed.
- View Reports: enables various reporting functions within EMR-Link. Some reports contain PHI; in that case a user only has access to those reports if they have the appropriate Manage Orders or Manage Results permission.
- Emergency Access: this permission can be provided to a user who may need PHI access under exceptional circumstances, but where this access must be justified and documented on a case-by-case basis. Such a user can invoke emergency access but must provide a written reason (which is stored in the audit log).

Any user with View/Manage Orders or View/Manage Results is understood to have PHI access.

Locations of Care

EMR-Link supports multiple locations of care (LOCs) within a single EMR-Link account, and can restrict the ability of a user to access data in more than one location. This serves to modify the Manage Orders and Manage Results permissions. A given user can have access to all LOCs or to only specified ones.

Provider List

Patient information and lab results are associated with a specific provider from the provider list in EMR-Link. A provider and a user are not the same thing; for example, an MD may be creating orders that are sent through EMR-Link but the actual user logging into EMR-Link is a nurse or phlebotomist, not the MD.

A user account can be associated with specific providers, or with all providers. If limited to a specific set of providers, the user will see only orders, results and patient data for those specific providers. In addition, there may be data which doesn't explicitly identify a provider or an LOC, and a user may or may not have access to this information.

Using the Audit Log

All user actions in EMR-Link are logged to the Audit Log. Access to this log is achieved through the Reports tab. The log can be filtered and sorted using the controls below:

The acting user or all users can be seen in the report, and the report can be organized by date, user or event type. Selecting next to Event Type provides a screen to select the events of interest:

Once the desired options have been set, data is displayed in a table and can be exported to a file for other uses.
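The permission descriptions under "Permissions and Roles" and "Creating and Managing Users" can be turned into a periodic access review. The following is an added example, not part of the guide and not Liaison code: the permission names are the guide's, while the account records, the `locs`/`providers` fields, and the review rules are assumptions made for illustration.

```python
# Added example: sort accounts into the guide's two risk areas (PHI, settings).
# Permission names are the guide's; sample users and review rules are constructed.
KNOWN = {"Manage Users", "View Users", "Manage Config", "View Config",
         "Manage Orders", "View Orders", "Manage Results", "View Results",
         "View Reports", "Emergency Access"}
PHI = {"Manage Orders", "View Orders", "Manage Results", "View Results"}
SETTINGS = {"Manage Users", "Manage Config"}


def review(user):
    """Return (summary, findings) for one account record."""
    perms = set(user["permissions"])
    summary = {
        "phi_access": bool(perms & PHI),
        "changes_settings": bool(perms & SETTINGS),
        # Reports containing PHI need Manage Orders or Manage Results.
        "phi_reports": "View Reports" in perms
        and bool(perms & {"Manage Orders", "Manage Results"}),
    }
    findings = [f"unknown permission: {p}" for p in sorted(perms - KNOWN)]
    if "Manage Users" in perms and summary["phi_access"]:
        findings.append("Manage Users plus PHI access: confirm both are needed")
    if "Emergency Access" in perms and summary["phi_access"]:
        findings.append("Emergency Access alongside standing PHI access")
    unscoped = user.get("locs") == "all" and user.get("providers") == "all"
    if summary["phi_access"] and unscoped:
        findings.append("PHI access not limited by LOC or provider")
    return summary, findings


# Constructed sample accounts (not real EMR-Link data).
USERS = [
    {"username": "admin@clinic.example", "locs": "all", "providers": "all",
     "permissions": ["Manage Users", "Manage Config", "Manage Orders",
                     "View Reports"]},
    {"username": "nurse@clinic.example", "locs": ["North"],
     "providers": ["Dr. A"], "permissions": ["Manage Orders", "View Results"]},
    {"username": "it@clinic.example", "locs": "all", "providers": "all",
     "permissions": ["View Config", "Emergency Access"]},
]

if __name__ == "__main__":
    for u in USERS:
        summary, findings = review(u)
        print(u["username"], summary, findings)
```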

Security When Accessing EMR-Link from Your EHR

Configuration Information

The details of how an EHR connects directly to EMR-Link for sending orders or retrieving results vary from one EHR type to another. The most common method is through use of a client component called FlexConnector, installed on servers or workstations that need access to EMR-Link. FlexConnector uses an auth key to identify the EMR-Link account to which it connects. The auth key must be protected from unauthorized access, and the FlexConnector itself must be protected from tampering, to avoid unauthorized access to EMR-Link.

File System Security

In most cases results are delivered to the EHR by first downloading them to an inbox folder on the EHR system, and then using the EHR's data import capabilities to move the results into the EHR. These downloaded files contain PHI and depending on the specific EHR, they may or may not be removed once they are imported. The customer should assure that this inbox is protected against unauthorized access and that the lab results files are removed or securely archived once they have been processed. Some EHRs use a corresponding method for sending orders, and these should be protected similarly.
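One way to check the inbox requirements described under "File System Security" is a scheduled audit of the folder. This is an added example, not part of the guide or of FlexConnector: it assumes a host with POSIX permission bits, that only the importing service account needs access, and a hypothetical one-day limit for files awaiting import.

```python
# Added example: audit a results inbox folder for exposed or leftover PHI files.
# Assumes POSIX permission bits and that only the importing service account
# needs access; the folder path and one-day retention limit are hypothetical.
import os
import stat
import sys
import time

MAX_AGE_SECONDS = 24 * 3600  # assumed limit for files awaiting import
OPEN_BITS = stat.S_IRWXG | stat.S_IRWXO  # any group or other access


def audit_inbox(inbox, now=None, max_age=MAX_AGE_SECONDS):
    """Return sorted (path, problem) findings for the inbox and its files."""
    now = time.time() if now is None else now
    findings = []
    if os.stat(inbox).st_mode & OPEN_BITS:
        findings.append((inbox, "folder accessible to group or others"))
    for root, _dirs, files in os.walk(inbox):
        for name in files:
            path = os.path.join(root, name)
            st = os.lstat(path)  # lstat: do not follow links out of the inbox
            if stat.S_ISLNK(st.st_mode):
                findings.append((path, "symbolic link in inbox"))
                continue
            if st.st_mode & OPEN_BITS:
                findings.append((path, "file accessible to group or others"))
            if now - st.st_mtime > max_age:
                findings.append((path, "not removed or archived in time"))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_inbox.py /path/to/ehr/inbox  (hypothetical path)
    for path, problem in audit_inbox(sys.argv[1]):
        print(f"{problem}: {path}")
```

On Windows hosts the same review applies to the folder's ACL rather than to mode bits, which this script does not inspect.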

Workstation Security

Because EMR-Link is accessed from a web browser on the user's workstation, security gaps at the workstation can result in unauthorized access to data in EMR-Link. The customer is responsible for appropriate security policies, procedures and technical measures for workstation security, including:

- Maintaining the system with the appropriate security updates and patches;
- Use of anti-malware software on each workstation;
- Network security to prevent access to workstations from outside;
- Locking screensavers, session timeouts, password policies, and browser security settings as appropriate;
- Acceptable use and security policies and training of employees on security.