February 2, 2017
From the Bench
Computers in the laboratory are like indoor plumbing. There are very few of us around who can recall when there were NONE. But computer security, that is a very different subject.
The first computer I used in the laboratory was attached to the analyzer only. We had one terminal, with a single log-in for use by all techs. We identified ourselves as the operator for each task by typing in our initials. There was no real “security”. It’s not something we thought about or worried about.
As the years went by, the computerization became more sophisticated and so did the computer security.
In 1996, “the old days” to some of you, I worked on my first paperless LIS system. We had unique user names – which was our initials - and a password. After a few upgrades, security was improved and our password had to be updated every 90 days. But there were no requirements or limitations on how it should be set up. No one warned us not to use common words, birthdates, etc.
At the time, the biggest concern about user log in was the ability to track what each user did and where in the computer system each user went. We worried that employees would look at charts or records for which they had no reason. In my own little corner of the world, the idea of security was about the inside, and what happened. We didn’t pay much attention to the outside world, and what a scary place it was.
Fast forward a decade or two and computer security has changed immensely. The bigger threats come from the outside and they are real. Hackers are breaking into computer systems at banks and health care agencies daily. They steal personal information including name, date of birth, and social security numbers. Credit cards are breached and purchases are made from all over the world. And in some cases, entire identities are taken.
The Tech Support team at work is diligent in their protection of the security of our data. They are routinely installing new protection programs and devices. They increase the security of the existing system and ask us to do our part; to be diligent with our passwords and protection.
But there are people who do not recognize the protection being provided and see these steps as intrusive and time wasting. I have seen passwords written on notepads alongside the keyboard. I have heard people sharing passwords with friends. But the thing that aggravates me most is when I hear coworkers complain about the hoops they jump through to get into the computers and their programs.
Network security, like TSA when we travel, is a minor inconvenience compared to the inconvenience of a data breach or an airplane hijack. Sometimes we need to stop focusing on our own inconvenience and appreciate the steps taken to protect us and our patients.
How good is your computer security at work? Have you thought about what you can do to help?