Hello, I am a recently appointed Network Administrator for a small Hospital. (Small enough that I also work in the lab to have enough hours to have a full time job)
One of the things I have been doing is evaluating the security structure of our computer systems to find things that need corrected.
One of the items I have found is that there are a couple of people who take home dictations so that they can be transcribed, and returned to the chart the next day. When I approached the manager in charge of this, she pulled out a non-disclosure agreement, and had the employees involved sign it and considered the situation resolved.
My question is this, does anyone else see any security issues there besides me? I am of the opinion that we (the hospital) should also require that the computers are being kept secure at these people’s homes, and should be kept up in accordance with the policies being implemented in the hospital. Possibly even require periodic inspection by one of the network admin’s.
I would greatly appreciate any comments on this, and recommendations on how to approach this issue.
