Home E-Weekly July 5, 2016

Health Care Often Oblivious to Data Security

Published: July 5, 2016

When concerns about cybersecurity run counter to perceived concerns about convenience, efficiency and patient safety, clinicians and other healthcare staff brazenly employ workarounds, paying little or no mind to potential data security breaches, a study finds.

The problem, researchers say, is that those who build, use and maintain the systems don't sufficiently consider actual clinical workflow. So "in hospital after hospital and clinic after clinic, users write down passwords everywhere, sticky notes form sticky stalagmites on medical devices and in medication preparation rooms," and supply rooms with locked doors have lock codes written on the door, because no one wants to prevent clinicians who don't remember the code, from getting to emergency supplies.

In other cases, dangerous deficiencies require workarounds, they say. For example, one EHR forces clinicians to order blood thinners before they can end their computer sessions — even if the patient is already on blood thinners. So clinicians must order a potentially lethal second dose, quit the system, then re-log-in and cancel the second dose.

To understand and overcome such issues, say the authors, it's necessary to conduct interviews and focus groups, observe and shadow clinicians, attend meetings and survey staff. In the inevitable conflict between well-intended people and the machines and machine rule-makers, "people are more creative and motivated," they say, "especially in healthcare settings, with professionals who carry the responsibility of patient care."

Jim Burger

New to Outpatient Surgery Magazine?
Sign-up to continue reading this article.
Register Now
Have an account? Please log in:
Email Address:
  Remember my login on this computer

advertiser banner

Other Articles That May Interest You

Business Advisor

Sending Pre-op Text Alerts and Reminders