Main Nav

Does anyone allow campus health center staff remote acces via VPN to their patient records systems? If so, what requirements/guidelines to you use to insure the end point is secure beyond just using a secure connection?


Nathan Zierfuss, CISSP, Information Security Officer
Technology Oversight Services, University of Alaska
910 Yukon Dr. Suite 105, PO Box 755320
Fairbanks, Alaska 99775-5320
Phone: 907-450-8112  Fax: 907-450-8381


Message from

We do allow remote access.  To access the EHR, one must first use the campus VPN system.  Secondly, they must use the Citrix system to gain access to the application or a remote desktop.  Even then, only select personnel are enabled for remote access to the EHR according to their business need.


I’d love to require a specific, controlled end point to use, such as a health-center issued laptop (for business use only) or perhaps even better, a thin client device or locked-down tablet or netbook.  The reality is that once remote access is given, any client can connect – at least that is the current reality with our campus VPN technology.


We encourage our staff to use health computers to connect and remind them that if their home system is compromised and used to connect, it could expose the University to a disaster.


-- Kevin McCrone, Information Technology Technical Associate

-- Illinois State University, Division of Student Affairs

-- (309) 438-1111


Thanks for the response. We do have a Citrix system as well and that wasn't a posible solution I had considered. It would keep the end point a managed system we know the security posture of but allow viewing/editing. 

I'd like to require use a university managed device as the ultimate end point as well.



Connect: San Antonio
April 22–24
Register Now

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


Digital Badges
Member recognition effort
Earn yours >

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2015 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.