IT Security Guideline – Emergency Access Controls and Password Use
August 2, 2015This procedure is to ensure that access controls do not interfere with critical and timely access to patient information.
This is to be accomplished by the following:
Prepare 2 packets of sealed envelopes with full access information and store it in a secure area. The accesses included in each packet are Network, Meditech, ChartMaxx and Dictaphone.
Passwords are to require user to change them the first time they access the system(s).
Provide doctors and nurses with full access including username and password.
After this emergency access process is activated, IT management must be notified as soon as reasonably possible.
After these emergency access capabilities are used, a full audit must be conducted.
After emergency access is no longer needed, accounts will be deactivated and new emergency accounts are to be created for use in the next emergency situation.