The Adobe file I’m
attaching is an easy and interesting read about the various ways a computer can
be compromised by web sites. The Word document is Dr. Crawford’s
original memorandum about the setup of the proxy server.
I’m in the process of crafting
– or trying to craft - a policy statement similar to the time clock
policy to apply specifically to computers that access PHI. We’ve
already started doing some restriction in the clinics, and we need to apply
similar restrictions to the billing computers. That’s why I
suggested adding Cina to our group. We’ve got the same problems
there that I’ve observed in some of the computers downstairs. We
need to discuss with Cina how the various members of her staff use the
internet. It may be that these folks – or some of them - need to be
restricted like team leaders; that is, restricted from known problem sites but
not as tightly restricted as most of the clinic machines. I really don’t
know the answer to that at this point. But, like team leaders, we need to
put in the policy a defensible statement that warns them about obvious personal
surfing on a computer that accesses PHI.
Barbara, I can’t remember
if we ever managed to nail down a date and time to meet to discuss internet
access restrictions. Can you refresh our memory?
Thanks
Jim