How are sites handling HIPAA requirements for termination of "electronic sessions" in the Laboratory. Our IS department is referencing rule 164.312 in the Federal Register (45 CFR Parts 160, 162, and 164) for guidance, and are leaning towards an interpretation that means Lab users need to be automatically logged out of the computer after a set period of inactivity. Currently they are using 30 minutes as the time frame. We're a smallish lab, and staff are constantly changing workstations. We also leave the analyzer process screens and collection batch screens up constantly in key locations, out of necessity. Another issue is the off-shifts where there are only one or two people covering, and moving between most of the workstations in the course of a shift.
We're not happy about the idea of getting booted off the network and having to re-log into the computer so often. How have other labs addressed the issue of complying with HIPAA and keeping the workflow in the Lab from being interfered with? Thanks for any suggestions, Britt Watters, MT(ASCP) Laboratory System Analyst Bartlett Regional Hospital Juneau,Alaska 907.796.8643
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= To subscribe or unsubscribe to the meditech-l, visit MTUsers.COM. To check the status of the meditech-l, visit MTUsers.NET. For help, email [EMAIL PROTECTED] ______________________________________ meditech-l mailing list [email protected] http://mtusers.com/mailman/listinfo/meditech-l
