Patient Informatics

10. Security and access for temporary / redeployed staff / students

Many countries report increased thefts of clinical equipment and attempts in impersonating healthcare staff in attempts to gain access to restricted areas or equipment.

Consider the physical security of all equipment, particularly if it is unique or irreplaceable. Place these items deep within staff areas and ensure they are checked and watched over if needed. Be aware that portions of populations are becoming financially challenged by the outbreak affecting routine income and this may lead to unusual behaviours. Consider fire and flood proofing in case of social unrest.

In terms of non-physical security, volunteers may need user access to Radiology computer systems rapidly and their access may need monitoring or controlling more tightly than regular employees.

Have ‘break glass’ usernames (accounts set up in advance for specific individual uses, but where the names of those people are not yet known) ready to hand out in envelopes in case of a major influx of cases requiring massive amounts of assistance. Have a process in place to rapidly review, grant or revoke access requests. Auditing of accounts is also very important to prevent (or detect) data theft attempts or corruption.

Administrative accounts should remain tightly controlled, but consider planning for the potential loss or incapacity of administrators and who would take their place – is there sufficient written documentation to cover any absences?