Hi,
I’m fielding a question for our privacy officer and CIO, and they don’t trust my opinion enough – they want concensus.
We have auditors who regularly come by (we’re a hospital) and managers in different areas aren’t willing to let an employee run reports and guide them around the systems. These managers want us to create accounts for the auditors and that way they can get what they need without intervention or interrupting the employees from patient care or daily duties. I don’t think the auditors should be allowed to have at our systems. What do you all think? How do you handle auditors access to your files, systems, accounts?
Thanks!