RevolutionEHR Insights ™

Release Notes have been moved to RevHelp

staff tips

Why is it so important for each user to have their own individual user name and password?
Posted: June 21, 2011

Although there is no law that is violated by creating general passwords, for general purpose terminals in an office, the issue that would arise in this situation would be that all of our software’s access logging benefits would become ineffective. For reference, the government’s rules for “certified EHR technologies” requires every software system to have very particular access controls — including a specific user name and associated password for each user. While we never really knew who looked at paper records, and they were technically open to the eyes of any staff person who wanted to look at the information within the file, the EHR access that is done by each user must be tracked by the software.

In RevolutionEHR, we have built in access logs and audit logs that show when each user signed in, and the actions that each user may have taken within a patient’s record. This meets the government’s standards, which are in place to assure the public that their data kept within computerized software systems, is only accessible to people whose eyes are approved to see it. Due to the sensitive and personal nature of the information we are dealing with like names, dates of birth, SSNs, and medical information, it is strongly encouraged that our users comply with the expected standards by using highly confidential passwords to gain access to the records. In hospitals, nurses or doctors login at each patient stop during their rounds, but they don’t share passwords because the actions taken by each professional can be tracked to that professional. We believe that RevolutionEHR should maintain that same high level of attention to detail and cautiousness with the patient’s information.





View Status Page
Updates Prior to 2018