Saturday, April 4, 2009

OSCAR EMR Security

"Will my medical records be safe?" This is what it all reduces to. This is what patients are concerned about. This is what practitioners are concerned about.

Before the deployment of your EMR, you may have your medical records in locked cabinets, within a locked room, within a locked office, and within a locked building. Most, however, have their files on open shelves in a locked office, within a locked building.

In the world of paper charts, the concept of offsite access and offsite backup is usually a function of the files that you've taken home with you at the end of the day.

By computerizing your infrastructure, you will clearly gain new functionality (e.g. reviewing lab results from the Bahamas), but how does this affect the security of your medical information?

Unfortunately, all EMRs are different, and thus the security of your medical records is a factor of the EMR you select and the architectural decisions made during its construction.

The good news for OSCAR users and the patients they care for is that you are in safe hands. You don't have to take our word for it. OSCAR is an open source project and as such, the security model is plainly available for anyone to look at, review, evaluate, and improve.

When you select an EMR, you should insist on reviewing or performing an independent third-party security audit of their system before you entrust your records to their package. It is not acceptable to "just trust them". It is not acceptable to believe that the mechanism used to implement the security of your medical records is "a secret".

Within the security community, it is a known truism that publicly available, tested, peer-reviewed and improved security mechanisms are significantly more secure than those mechanisms that are based on the cleverness of a hidden algorithm. It is important to realize that no reputable scientist disputes this fact.

In the security world, it is what you don't know that kills you. For an example, review how "Researchers Crack Medeco High-Security Locks With Plastic Keys".

It is no secret that some consumer operating systems are inherently insecure. OSCAR starts on a secure foundation. OSCAR was designed to run on the open source UNIX operating system. UNIX is a very old operating system. It was first designed in 1969 by a group of very clever folks at Bell Labs. In the 40-year history of UNIX, it has become the industrial operating system of choice due to its flexibility, efficiency, and robust security.

OSCAR uses a number of significant open source packages, including the Apache-Tomcat web applications framework, the MySQL and PostgreSQL relational databases, SSL & PGP encryption technologies, and the Java programming language. Each of these open source projects was designed with security in mind, has been deployed and tested on hundreds of millions of servers around the world, and has been challenged and enhanced repeatedly over the years.

OSCAR users don't access the infrastructure directly. OSCAR runs as an unprivileged application within an overall secure environment. OSCAR users access the application; the application accesses the needed infrastructure as required.

Clearly OSCAR is based on a secure, robust and tested platform, but what about the OSCAR application itself?

Let's start with the login and take it from there.


Before you connect to the server, your web browser will encrypt the data stream between you and OSCAR. If you try to access OSCAR via an unencrypted channel, your server can be configured to reject your connection, or redirect you to the encrypted one. OSCAR can be configured to force users to supply secondary passwords to gain access from any computer, or from just those machines not physically connected to your local office network. OSCAR can be configured to allow connections only from specific computers, machines that have been authorized by OSCAR administrators in advance, whether these computers are local or remote.

Once OSCAR users log in, the security doesn't stop. What you actually see as a user is dependent on what role you've been assigned.


OSCAR comes pre-configured with specific security roles for a number of typical users:

  • Admin
  • Doctor
  • ER_clerk
  • External
  • Locum
  • Nurse
  • Receptionist
  • Remote_access
  • Vaccine Provider

And these roles are easily expandable to meet your specific needs.

The access rights of your users are then configurable at the object level.

This gives you incredible control over who gets to see and do what, and under which circumstances.

OSCAR has a legally relevant audit trail. What this means is that everything that anyone does in OSCAR is tracked and timestamped. If a user writes a prescription, it is tracked. If a user views a chart, it is logged.

If information is accessed and modified, not only is it logged, but the modifications are tracked so that you can view both the "before" and "after" records.
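
A minimal model of the two mechanisms described above, per-role rights on each object type and an audit trail that records every view plus the before and after state of every change, written here as an added Python example; it is not OSCAR's code. The role names come from the list above; the object types, the "r"/"w" rights and the `AuditedStore` class are assumptions made for illustration.

```python
import copy
from datetime import datetime, timezone

# Constructed policy: role -> object type -> rights ("r" read, "w" write).
# Role names are from the page; object types and rights are assumptions.
POLICY = {
    "Doctor":       {"chart": {"r", "w"}, "prescription": {"r", "w"}},
    "Nurse":        {"chart": {"r", "w"}, "prescription": {"r"}},
    "Receptionist": {"appointment": {"r", "w"}},
}

class AuditedStore:
    """Hypothetical record store: every access is checked, then logged."""

    def __init__(self, policy):
        self.policy = policy
        self.records = {}  # (object_type, object_id) -> dict of fields
        self.audit = []    # append-only list of timestamped events

    def _log(self, user, role, action, key, allowed, before=None, after=None):
        self.audit.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "user": user, "role": role, "action": action, "object": key,
            "allowed": allowed, "before": before, "after": after,
        })

    def _check(self, user, role, right, action, key):
        allowed = right in self.policy.get(role, {}).get(key[0], set())
        if not allowed:
            # Denied attempts are part of the trail too, then refused.
            self._log(user, role, action, key, False)
            raise PermissionError(f"{role} may not {action} {key[0]}")

    def view(self, user, role, key):
        self._check(user, role, "r", "view", key)
        self._log(user, role, "view", key, True)
        return copy.deepcopy(self.records.get(key))

    def update(self, user, role, key, changes):
        self._check(user, role, "w", "update", key)
        current = self.records.get(key) or {}
        before = copy.deepcopy(current)  # snapshot prior to the change
        after = {**current, **copy.deepcopy(changes)}
        self.records[key] = after
        # Store copies so later edits cannot rewrite the logged history.
        self._log(user, role, "update", key, True, before, copy.deepcopy(after))
        return after
```

Denied requests are logged before the exception is raised, so a review of the trail shows who tried to open a chart as well as who did.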



OSCAR security has been designed throughout the system, and the system was designed with security in mind.

However, the best security in the world is useless if users will turn it off because it gets in the way of ease of use and simplicity of operation. Once again, OSCAR has taken up this challenge.

OSCAR users typically find that a correct balance has been achieved. Layers of security prevent unauthorized access to the system, but authorized users have full and easy access to the platform, making day-to-day use of the system a joy.

It is nice to know that you can count on an electronic medical record system that has been designed to give you the security that you need today and into the future.