Main Nav

Does anyone allow campus health center staff remote acces via VPN to their patient records systems? If so, what requirements/guidelines to you use to insure the end point is secure beyond just using a secure connection?

Nathan

--
Nathan Zierfuss, CISSP, Information Security Officer
-
Technology Oversight Services, University of Alaska
910 Yukon Dr. Suite 105, PO Box 755320
Fairbanks, Alaska 99775-5320
-
Phone: 907-450-8112  Fax: 907-450-8381

Comments

Message from kmccrone@ilstu.edu

We do allow remote access.  To access the EHR, one must first use the campus VPN system.  Secondly, they must use the Citrix system to gain access to the application or a remote desktop.  Even then, only select personnel are enabled for remote access to the EHR according to their business need.

 

I’d love to require a specific, controlled end point to use, such as a health-center issued laptop (for business use only) or perhaps even better, a thin client device or locked-down tablet or netbook.  The reality is that once remote access is given, any client can connect – at least that is the current reality with our campus VPN technology.

 

We encourage our staff to use health computers to connect and remind them that if their home system is compromised and used to connect, it could expose the University to a disaster.

 

-- Kevin McCrone, Information Technology Technical Associate

-- Illinois State University, Division of Student Affairs

-- (309) 438-1111

 

Thanks for the response. We do have a Citrix system as well and that wasn't a posible solution I had considered. It would keep the end point a managed system we know the security posture of but allow viewing/editing. 

I'd like to require use a university managed device as the ultimate end point as well.

Thanks,
Nathan

Close
Close


Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.