Tag: HIPAA – HITECH – HITRUST

Overview of ACIS at Advanced Clinical Information System

What is Advanced Clinical Information System (ACIS)? IT system that combines patient information from the bedside, laboratory, pharmacy, nurse’s station and emergency department. A clinical tool that will enhance patient safety. Includes hardware, software, applications and infrastructure for storing and networking advanced clinical and patient information. Enable Clinicians to use a computerized patient record that… Continue reading Overview of ACIS at Advanced Clinical Information System

ACIS Translating Evidence into Practice

The lag between the discovery of more efficacious forms of treatment and their incorporation into routine patient care is unnecessarily long, in the range of about 15 to 20 years. Information organized & deployable Physician Agreement Information Translated Into Care Other Drivers for Change Physician productivity increases to keep pace with declining reimbursement The amount… Continue reading ACIS Translating Evidence into Practice

Cerner / Meditech Application Summaries

Emergency Department (ED) Tracking lists SVI ALL ED Beds SVI Triage SVI Reg SVI DR SVI Tech SVI Provider SVI Admit SVI Fin Planner SVI Waitroom SVI Checkout SVI Tracking Board Bed Held Status Name Acuity LOS ED Visit Reason DR RN Events Lab Rad Comments Triage ED Trauma Scoring EENT Cardiovascular Respitory Muscoloskelatal OB/GYN… Continue reading Cerner / Meditech Application Summaries

SAML Integration: Single Sign-On (SSO) for Cloud Apps

The user enters the URL to access the on-premises application through Application Proxy. Application Proxy redirects the request to Azure AD authentication services to preauthenticate. At this point, Azure AD applies any applicable authentication and authorization policies, such as multifactor authentication. If the user is validated, Azure AD creates a token and sends it to… Continue reading SAML Integration: Single Sign-On (SSO) for Cloud Apps

Sample – Secure Configuration Policy

Introduction The purpose of this policy is to establish standards for the base configuration of internal server equipment that is owned and/or operated by Corporate. Effective implementation of this policy will minimize unauthorized access to corporate proprietary information and technology. Scope This policy applies to server equipment owned and/or operated by Corporate, and to servers… Continue reading Sample – Secure Configuration Policy

Sample – Corporate Implementation Services

Policy Executive Summary Corporate recognizes the importance of adherence to policies and procedures when implementing new customer projects. In an effort to mitigate both the corporate risk as well Customer risk this Implementation Policy has been developed. The policy will serve as the implementation guidelines which will be utilized to support all new customer implementation… Continue reading Sample – Corporate Implementation Services

Sample – Media Handling Policy

Introduction The purpose of this policy is to ensure all electronic information and licensed software are properly removed when disposing of computers with hard drives. A large volume of electronic information is stored on computer hard disk and other electronic media throughout Corporate. Much of this information is sensitive to disclosure due to its confidentiality.… Continue reading Sample – Media Handling Policy

Sample – OS Hardening Guidelines

OS Hardening is the process of carefully considering the configuration of the underlying Operating Systems in order to reduce the security risk. To minimize the exposure of possible vulnerabilities, there are a variety of OS-specific installation, configuration options and parameters to consider. The desired outcome is to reduce the chances of a system compromise. Operating… Continue reading Sample – OS Hardening Guidelines

Sample – Administering Anti-Virus Software Policy

Introduction The purpose of this policy is to describe how the Windows anti-virus software is configured to monitor virus activity in order to detect and prevent transmission of data or files that contain certain virus signatures. It also describes how the Exchange / SMTP anti-virus software is configured to monitor mail-related traffic to detect and… Continue reading Sample – Administering Anti-Virus Software Policy

Sample – Encryption Policy

Introduction The purpose of this policy is to provide guidance that limits the use of encryption to those algorithms that have received substantial public review and have been proven to work effectively. Additionally, this policy provides direction to ensure Federal regulations are followed, and legal authority is granted for the dissemination and use of encryption… Continue reading Sample – Encryption Policy

Sample Visio – The Risk Management Process

Sample Visio download The Risk Management Process

Sample – Corporate Implementation Services

Policy Executive Summary Corporate recognizes the importance of adherence to policies and procedures when implementing new customer projects. In an effort to mitigate both the Corporate risk as well Customer risk this Implementation Policy has been developed. The policy will serve as the implementation guidelines which will be utilized to support all new customer implementation… Continue reading Sample – Corporate Implementation Services

Sample Visio – OS Hardening Process Workflow

Sample Visio OS Hardening Process Workflow Some of the independent resources available include: Center for Internet Security (CIS):  http://benchmarks.cisecurity.org/ National Institute of Standards and Technology (NIST):  http://csrc.nist.gov/publications/nistpubs/800-123/SP800-123.pdf National Security Agency (NSA):  https://www.csiac.org/reference-doc/security-configuration-guides-operating-systems/

IT and Security Monitoring Made Easy For Hospitals and Clinics

Challenges Maintaining availability of critical servers and applications serving the ER, lab, radiology, etc. Providing doctors with instant access to client records from anywhere and at anytime Reliability of diagnostics machines as they “commit records” Slow response time when accessing clinical repositories Visibility into slow service issues and ability to proactively identify causes of delay… Continue reading IT and Security Monitoring Made Easy For Hospitals and Clinics

Meditech Magic POC Considerations

Imaging and Therapeutic Services (ITS) Overview Review of MEDITECH and the MEDITECH system Review of the Implementation Process Discuss procedures for reporting issues Illustrate the implementation contact hierarchy (communication tree) Review MEDITECH’s custom programming policy Discuss roles of your organization’s implementation team as well as the ITS-Denver staff (Implementation Analyst and Project Manager) Train on… Continue reading Meditech Magic POC Considerations

What is ChartScript

ChartScript is a medical-transcription document management system used to transcribe physician dictation and prepare for physician review of the document and electronic signature via the ESA (electronic signature authentication) module. Voice Wave (DVI) is a voice dictation system that provides clinicians quick access and efficiency for care provider dictation.