[MEDITECH-L] Omni-Cell

[Mary Crouch]

All messages should be posted in plain text.  HTML will be converted to
attachments.    The meditech-l web site is MTUsers.com
======================================

During a Risk Assessment we discovered that Omni-Cell sends unencrypted information across the network from the server to the Omni-cell stations.  The data sent and viewable as text is User ID’s, Passwords, Patient Data, Drugs and other EPHI.  We have tried without success to have Omni-Cell address these concerns and they have failed to respond to our numerous requests.    Has anyone else identified this potential security threat and found a solution that does not require Omni-Cell to assist?    Mary Crouch, CSHP Chief Information Officer/Chief Security Officer Information Technologies Phelps County Regional Medical Center "If we keep doing what we’re doing, we’re going to keep getting what we’re getting.”   ~ Stephen Covey        CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients names above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is disallowed. If you have received this communication in error; please notify Phelps County Regional Medical Center immediately by telephone at (573) 458-8899 extension 4357 and destroy all copies of this communication and any attachments.

_______________________________________________
meditech-l mailing list
meditech-l@MTUsers.com
http://mtusers.com/mailman/listinfo/meditech-l