User Access Levels and Strong Passwords

With modern technology and stringent data regulations, the more you can do to secure your patient data the better.

In this article, we will show you some more advanced ways to secure your patient data from prying eyes.
 

Tailoring data access for your employees

Noah System provides 3 different levels of user access, Administrator, Level 1 and Level 2.  HIMSA recommends that your business take time to carefully consider the following:

  • Which individual or group of employees should have Administrator access?  Users designated with ‘Administrator’ have access to perform all supported features.
  • Which features should be available to different employees of your business?  This is a good time to consider that people can and do make mistakes.  Employees can also have the possibility of acting improperly or illegally.  Take time to consider if the default settings are appropriate for your business and if not, make the appropriate setting changes. 


Controllable Feature

 

Description

 

Set user password  

Allows the user to determine the password that will be used.  If not allowed in Noah System, a user with administrative privileges will need to set the password and then securely communicate this information to that user.

 

Import/Export in Noah Native Format  

Allows the user to export a complete patient(s) record in the format .nha ,.nhax, or ,enhax. This is a HIMSA proprietary format that will contain both demographic and all action data for the patient(s).   .enhax is the only format that is encrypted. 

 

Import/Export in other formats  

Allows the user to export a patient or group of patients in a CSV or XML format. Unless your business is making use of this feature (e.g. using the patient demographic data for purposes of a mail merge) then it is suggested that this feature not be enabled.

 

Delete data  

Allows the user to delete a patient record(s) or action(s).

 

Print patient demographic data  

Allows the user to print basic reports that are provided by Noah System.  This has no impact on printing a report using a Noah compatible module.

 

Print Noah-related data  

This controls two print related features:  Noah System provided patient reports & Print request sent to a module via right mouse click on session browser action.  This has no impact on printing a report using a Noah compatible module.

 

Data Administration  

Allows for the ability to use database administration related features. They have access to all the Data Administration Features.  For more details, click here.  

 

Set up patient demographic data  

Allows for the ability to setup the patient demographic fields and to Add, Delete and Edit patient categories.  Provides control to set:

  • What fields are active and required
  • Field location (Main View or Advanced View), including order
  • Edit the Names of the "Other 1 and 2" fields

View activity log file  

Allows the ability to review and export the Noah activity log (audit trail) keeps track of all activity. It can be used to proactively review other user’s activity as well as perform detailed investigations if improper usage is suspected.  For more details, click here

 

Now that you reviewed and potentially made changes to user levels, make sure that each Noah user has their own user account and apply the correct level to each user.

 

Use the strong user password feature in Noah


Check the strong user passwords feature in the Login Settings. This will ensure that your Noah users use more secure passwords for their accounts.

Strong passwords need to be at least 8 characters long. In addition, they must contain a mixture of capital letters, numbers and other non-alphanumeric characters.

 

Microsoft Active Directory and Azure Active Directory

Noah System 4.9 and newer also support integration with Microsoft Active Directory and Azure Active Directory. Click here for more information