Web Log

 

Health IT Security, a "How To"

5/23/2016 2:02 PM

Welcome to the Sentia Health Blog site! I have been reading the Health IT and Insurance blogs for years and sometimes commenting, but I have never written my particular views on the subject from scratch. So here we are. My goal is to bring the expertise of development to the conversation. I see lots of "we should do this or that" but no real plan to move forward. Until now.

A few mornings ago, I was clicking around and it seemed that the general topic of conversation in the Health IT blogosphere was security. On the Chilmark Research site they are shouting about Happtique shutting its doors because they found some glaring security holes. I did a search and found that Wellpoint was fined $1.7 million for exposing health and demographic information and Social Security numbers across the internet, while Cignet Health was fined $4.3 million for not providing patients their own records. What is the takeaway? You have to give your patients access and that access has to be secure.

I know from my experience as a software developer for more than two decades that security is an add-on in 99% of all development situations, and clearly that is what is going on here. If you go to Dice.com or Monster.com you can see thousands of jobs for "Senior Security Architect" or "Information Security Specialist – Cloud Technology." Making your specialty security in the IT world is a little like a chef who calls his specialty boiling water. Security is part and parcel of any application.

So how do WE do it? I’m glad you asked. First, we have one user that has access to the database from the internet. On our production sites (that have completed development) there is that user and one more, the System Administrator. I know this because that System Administrator wears my underwear and shaves my face in the morning. The internet user is denied privileges on all data tables and can only "see" the procedures we give it access to. Because we do everything exactly the same way every time, we have a procedure that programmatically grants that user the privileges it needs to get the job done.

This one internet user is a proxy for the end users, meaning that they supply their own username and password, which are passed into the application over HTTPS (secure sockets, SSL, is ultra-secure unless the NSA is looking and we can foil even them, more on that later). The end user is then issued a Globally Unique Identifier (GUID) that identifies that session, along with a LastActivity, so we can time out inactive users. This GUID not only identifies the session but also the user in the session and the session’s machine name and Internet Service Provider (ISP). We check all of this every time the user makes a request to the database to make sure that the session is live, has access to the records they are trying to view and hasn’t been hijacked by a "man-in-the-middle."

Just as important as limiting access to need-to-know users is auditing. Inside the procedures the internet user sees is logic (again, same way every time) to validate the end user’s session and to document what they are doing. In Sentia’s Electronic Medical Record Management System (EMR) we can tell you who looked at a patient, what they saw, if they changed anything, what the old values were, what the new values are and when it was done. So far, we have kept every record of every change made in the production environment for thousands of patients.
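The session check and audit step described above, sketched as an added example; this is not Sentia's code. It uses Python with an in-memory SQLite database, so `update_phone` stands in for one stored procedure, and the database-level grants are not shown because SQLite has no users. The table and column names, the 900-second timeout and the sample row are assumptions.

```python
import sqlite3, uuid

TIMEOUT = 900  # assumed idle timeout in seconds; the post gives no figure

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE Session(Guid TEXT PRIMARY KEY, UserName TEXT, Machine TEXT,
                             Isp TEXT, LastActivity REAL);
        CREATE TABLE Patient(Id INTEGER PRIMARY KEY, Phone TEXT);
        CREATE TABLE Audit(At REAL, UserName TEXT, Action TEXT, PatientId INTEGER,
                           OldValue TEXT, NewValue TEXT);
        INSERT INTO Patient VALUES (1, '555-0100');  -- constructed sample row
    """)
    return db

def login(db, user, machine, isp, now):
    # Password verification is omitted; assume it succeeded before this call.
    guid = str(uuid.uuid4())
    with db:  # commit the new session row
        db.execute("INSERT INTO Session VALUES (?,?,?,?,?)", (guid, user, machine, isp, now))
    return guid

def validate(db, guid, machine, isp, now):
    """Return the user name for a live session bound to this machine and ISP."""
    row = db.execute("SELECT UserName, Machine, Isp, LastActivity FROM Session "
                     "WHERE Guid = ?", (guid,)).fetchone()
    if row is None or (row[1], row[2]) != (machine, isp):
        raise PermissionError("unknown session or origin mismatch")
    if now - row[3] > TIMEOUT:
        raise PermissionError("session timed out")
    db.execute("UPDATE Session SET LastActivity = ? WHERE Guid = ?", (now, guid))
    return row[0]

def update_phone(db, guid, machine, isp, now, patient_id, new_phone):
    """Stand-in for one stored procedure: validate, change, audit, in one transaction."""
    with db:  # commits on success, rolls back everything if validation raises
        user = validate(db, guid, machine, isp, now)
        old = db.execute("SELECT Phone FROM Patient WHERE Id = ?",
                         (patient_id,)).fetchone()[0]
        db.execute("UPDATE Patient SET Phone = ? WHERE Id = ?", (new_phone, patient_id))
        db.execute("INSERT INTO Audit VALUES (?,?,?,?,?,?)",
                   (now, user, "UPDATE Phone", patient_id, old, new_phone))

def audit_rows(db):
    return db.execute("SELECT UserName, Action, OldValue, NewValue FROM Audit").fetchall()
```

Because the data change and the audit row are written in the same transaction, a request that fails validation leaves both the patient record and the audit table untouched.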

Maybe this doesn’t really make sense to anyone but us, and that is ok. Before YOU Mr. or Ms. HealthcareITUser spend another dime on technology, make sure your vendor has at least as good an answer as we do.

Real Solutions





