Let's go with Dr. Crawford's memo. We can come up with something for people to sign off on later, if the situation arises.
I've got all the names of people who need to have lesser restrictions, people who have to be able to search for patient education materials, doctors' names, etc. I'll put them in the exempt list and go ahead and implement the strong restriction for the others who access the EMR and other PHI.
The information contained in this transmission is confidential and protected by law. It is intended solely for clinical use. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination or distribution of this communication is prohibited. If you have received this communication in error, please notify us by telephone collect at the number listed above. We also ask that you refrain from reading the contents of the message and
OK. I'm about to "flip" the access rules. Hold on to your hat . . . . .
-----Original Message----- From: FMC Organizational Development [mailto:[log in to unmask]] On Behalf Of Crawford, Steven A. (HSC) Sent: Wednesday, October 15, 2008 1:31 PM To: [log in to unmask] Subject: FW: Let's forget about an Internet policy for now
I've talked with one of the sales team from you guys, but I seem to have lost his contact information. Sorry.
Anyway, I just talked to the boss, and he would like to have some "for instance" pricing information before we try to schedule a demo for him. Here are the parameters:
How does this sound? I took Dr. Crawford's memorandum of February 20, 2008 (also attached), made some minor changes to fit into a policy statement, and added some rules and regulations that seem to me to be applicable (from the OUHSC IT Policies pages).
The Adobe file I'm attaching is an easy and interesting read about the various ways a computer can be compromised by web sites. The Word document is Dr. Crawford's original memorandum about the setup of the proxy server.
I'm in the process of crafting - or trying to craft - a policy statement similar to the time clock policy to apply specifically to computers that access PHI. We've already started doing some restriction in the clinics, and we need to apply similar restrictions to the billing computers. That's why I suggested adding Cina to our group. We've got the same
BARBARA IS OUT OF TOWN. SHERRIE MOSER IS COVERING FOR HER.
DID WE SEND OUT THE ATTACHED MEMO AS I THOUGHT IT HAD GOTTEN REVISED DUE TO THE MENTION OF "INFREQUENT RECREATIONAL USE ... ".
SC
Steven A. Crawford, MD OU Physicians Family Medicine Center 900 NE 10th Street Oklahoma City, OK 73104 V: 405-271-3537 F: 405-271-2781 E: [log in to unmask]<blocked::mailto:[log in to unmask]>
I agree. But I would comply with Denise's wishes even if I didn't agree with her. She has guided me patiently and wisely through some pretty rough situations with my own staff. She reigns me in and gets me started thinking rationally.
To oversimplify perhaps, we have finance versus clinic staff in the time clock issue and IT versus clinic staff in the internet access issue. Seen that way, it's no surprise to find resentment and frustration among the folks in the clinics. We need to be sensitive to the concerns of both sides. Computer security and productivity are important,
Here are the comments and concerns expressed at the time clock meeting (with thanks to Denise Brown). Please respond with additions, comments, corrections, etc. to the list.
Probably the first thing to be resolved is whether Count Me In, LLC is going to make us an acceptable deal on replacing the old remotes. I copied everyone on the note I sent to the representative I've been working with. I have not heard back from him. The new devices seem to be working reliably, but our experience with the old remotes was quite unpleasant, and we feel we are due some
If there is overtime that is not approved, what is the process when there is no supervisor's approval. Does Stacy just send the supervisor a note that un-authorized overtime has been recorded and asks them to approve? My understanding from Chanda is that we have to pay it, and then notify the employee (written) that it is not acceptable behavior and further incidents could lead to disciplinarian action.
I would just add that the two things that are not on the minutes are the two things I stressed yesterday (they are not in the minutes because I forgot to write them down)--that our employees no matter if they are exempt or non exempt should be treated with respect and dignity-they are valuable to us and a resource we can not do without---With respect to the time clock being "tampered with" if there is discussion regarding that issue, let's have in OP group or Exec. meetings and not in meetings where we have clinical staff that could easily interpret
I agree. If overtime is not authorized in advance, the supervisor should be notified and a decision made, based on the circumstances, whether corrective action should be taken. However, it still has to be paid.
Chanda R. Graham, JD, SPHR Senior HR Advisor, Employee Relations University of Oklahoma Health Sciences Center, SCB 105 Telephone: (405) 271-2191 Facsimile: (405) 271-2443
I would think if there is no supervisor's signature Stacy would send it back for the signature overtime or not. It would be the supervisor's responsibility to notify the employee that unapproved overtime is unacceptable behavior not the timekeeper correct?
I agree that this responsibility is at the supervisor level and should not be placed on Stacy's desk. I promise she does not want it there. I've had that discussion with her. Having said that, we all know that mistakes happen, things get overlooked, signatures get missed, etc., but a payroll audit will be of Stacy's payroll records, not the individual supervisor's records which is why Stacy is constantly reviewing and contacting people for the proper, correct, documentation. She deals with signed leave requests that say one thing turned in to her and signed time sheets that are turned in
That's correct. It is the supervisor's responsibility to manage time issues with employees. Appropriate communication is between the timekeeper and the supervisor.
Chanda R. Graham, JD, SPHR Senior HR Advisor, Employee Relations University of Oklahoma Health Sciences Center, SCB 105 Telephone: (405) 271-2191 Facsimile: (405) 271-2443
Steven A. Crawford, MD OU Physicians Family Medicine Center 900 NE 10th Street Oklahoma City, OK 73104 V: 405-271-3537 F: 405-271-2781 E: [log in to unmask]<blocked::mailto:[log in to unmask]>
The information contained in this transmission is confidential and protected by law. It is intended solely for clinical use. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination or distribution of this communication is prohibited. If you have received this communication in error, please notify us by telephone collect at the number listed above. We also ask that you refrain from reading the contents of the
I decided to give this list a more generic name. It just seemed like the time to implement something like this. This way, we can use it for the time clocks, the internet access issue, and any other change that might cause heart burn.
Steven A. Crawford, MD OU Physicians Family Medicine Center 900 NE 10th Street Oklahoma City, OK 73104 V: 405-271-3537 F: 405-271-2781 E: [log in to unmask]<blocked::mailto:[log in to unmask]>
The information contained in this transmission is confidential and protected by law. It is intended solely for clinical use. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination or distribution of this communication is prohibited. If you have received this communication in error, please notify us by telephone collect at the number listed above. We also ask that you refrain from
