Access to the CyberLAB application and its content is based on three criteria:
Role
Modules and submodules in which your tasks are performed
Tasks you perform, based on your job classification
These access controls meet the regulatory requirements of the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state security measures.
The facility defines the role of the users. The users are placed in classes or groups that have specific business functions. An example of these classes can be:
ADMIN - Assigned to users that are allowed access to most or all areas of the system.
TECH - Assigned to users that input results and print worksheets.
DOCTOR - Assigned to physicians who can only access test results in patient inquiry.
Note: Each facility defines the classes or groups of users that are used. The access levels are implemented by the system administrator.
The facility identifies the CyberLAB system modules and submodules that each user class must access to perform its business functions.
Then, the facility defines the specific modules, submodules, and functions that the individual user in a user class can access to do the tasks required for his or her work.
Note: Access to patient information is controlled by the three criteria of role, module and submodule, and individual User ID restrictions.
A major concern of the health care industry today is patient safety. The CyberLAB 7.2 system addresses this concern in numerous ways:
The access control system based on the tiered criteria of role, content, and user provides front-line security for the application.
Patient confidentiality is ensured. A user's access to patient information is limited to his or her job function.
Supervisory personnel view audit logs to confirm the activities of each user and ability to access each patient record.
Sample tracking records each step of ordered tests from the date of order to completion. At each step, the user and time are recorded.
Immediate, secure access to patient results by authorized personnel, from a standard workstation or via WebGateway™.
This allows physicians to obtain the data they need, when they need it.
Automatic flags and call prompts generated when Critical Result Values occur. This allows the facility to immediately inform the physician of critical values for prompt, accurate patient care.