Previous 		User Authentication and Authorization
Next
  • Secure Internet connection (https).
  • Login name and password are used for authentication.
  • The passwords are stored in encrypted form internally .
  • Provision to have strong client authentication by using client certificates.
  • Separate PIN code for authorization of the reports.
  • Each login session is controlled using server side session management with a fixed time out for unattended sessions.
  • Web server is secured by Cisco PIX firewall.
  • Access to MyChartWriter system is logged for security audit.
  • MyChartWriter uses Role Based Access Control.
  • The roles are hierarchically structured to reflect the organization line of authority and responsibility.
  • Permissions are fine tuned to facilitate sufficient access for the completion of the job.
  • Role constraints and permission constraints are added to enforce separation of duties and context-based access.