Patient Health Information Security

Access: Access into the mumms® Software System is password protected. The PAS program contains varying levels of access from “view-only” to “super-user”. In CPC, access to portions of the clinical record is attached to the user’s job description.

Integrity: mumms® utilizes unique usernames, passwords, and security levels to ensure that only the appropriate users have the ability to modify certain information.

Availability: Using mumms® insures that information resources are present when needed.

Audit Trail: mumms® already issues a time and date stamp for every system entry and traces the origination of the entry to a specific user.

Public-Key Encryption: mumms® utilizes public-key encryption which uses an algorithm to convert data into a secret code for network transmission so that the information can only be decoded by the intended recipient.

Secure Shell (SSH): SSH is a program within mumms® that allows users to log into another computer over a network, execute commands from a remote machine, and move files from one machine to another. This is an additional technical security mechanism which prevents unauthorized access to data and provides strong authentication and secure communications over unsecured channels.

Automatic “Idle-Out”: The “idle-out” feature in mumms® automatically causes inactive machines to be logged off which forces a user to re-identify him/herself using a system-authorized username and password to regain access into the programs.

Password Protection: mumms® supports the ability for users to easily change their passwords so, as an extra security mechanism, hospices should require that users regularly (quarterly) change their passwords into the PAS and CPC programs.

Deletion of Privileges: mumms® automatically deletes user privileges after 21 days of non-use. User accounts that have been inactive for a period of 21 days will be automatically terminated.