With modern technology and stringent data regulations, the more you can do to secure your patient data the better.
In this article, we will show you some more advanced ways to secure your patient data from prying eyes.
Tailoring data access for your employees
Noah System provides 3 different levels of user access, Administrator, Level 1 and Level 2. HIMSA recommends that your business take time to carefully consider the following:
- Which individual or group of employees should have Administrator access? Users designated with ‘Administrator’ have access to perform all supported features.
- Which features should be available to different employees of your business? This is a good time to consider that people can and do make mistakes. Employees can also have the possibility of acting improperly or illegally. Take time to consider if the default settings are appropriate for your business and if not, make the appropriate setting changes.
| Controllable Feature | Description |
|---|---|
| Set user password | Allows the user to determine the password that will be used. If not allowed in Noah System, a user with administrative privileges will need to set the password and then securely communicate this information to that user. |
| Import/Export in Noah Native Format | Allows the user to export a complete patient(s) record in the format .nha ,.nhax, or ,enhax. This is a HIMSA proprietary format that will contain both demographic and all action data for the patient(s). .enhax is the only format that is encrypted. |
| Import/Export in other formats | Allows the user to export a patient or group of patients in a CSV or XML format. Unless your business is making use of this feature (e.g. using the patient demographic data for purposes of a mail merge) then it is suggested that this feature not be enabled. |
| Delete data | Allows the user to delete a patient record(s) or action(s). |
| Print patient demographic data | Allows the user to print basic reports that are provided by Noah System. This has no impact on printing a report using a Noah compatible module. |
| Print Noah-related data | This controls two print related features: Noah System provided patient reports & Print request sent to a module via right mouse click on session browser action. This has no impact on printing a report using a Noah compatible module. |
| Data Administration | Allows for the ability to use database administration related features. They have access to all the Data Administration Features. For more details, click here. |
| View activity log file | Allows the ability to review and export the Noah activity log (audit trail) keeps track of all activity. It can be used to proactively review other user’s activity as well as perform detailed investigations if improper usage is suspected. For more details, click here. |
| Set up patient demographic data | Allows for the ability to setup the patient demographic fields and to Add, Delete and Edit patient categories. Provides control to set: -What fields are active and required -Field location (Main View or Advanced View), including order -Edit the Names of the “Other 1 and 2” fields |
Now that you reviewed and potentially made changes to user levels, make sure that each Noah user has their own user account and apply the correct level to each user.
Use the strong user password feature in Noah
Check the strong user passwords feature in the Login Settings. This will ensure that your Noah users use more secure passwords for their accounts.
Strong passwords need to be at least 8 characters long. In addition, they must contain a mixture of capital letters, numbers and other non-alphanumeric characters.
Microsoft Active Directory and Azure Active Directory
Noah System 4.9 and newer also support integration with Microsoft Active Directory and Azure Active Directory. Click here for more information.