gnumed-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] Re: gnumed.conf


From: Karsten Hilbert
Subject: Re: [Gnumed-devel] Re: gnumed.conf
Date: Fri, 30 Dec 2005 23:37:14 +0100
User-agent: Mutt/1.5.11

On Fri, Dec 30, 2005 at 08:58:03AM -0800, Jim Busser wrote:

> Well, does that mean when someone has vacated their exam room or 
> desk, and that is a shared work space, the expectation is that when 
> the previous person leaves and the new worker (doctor or secretary) 
> sits down at that machine, not only must the GNUmed client be logged 
> out and back in, but the user must *also* change themselves to be a 
> different user account on the machine or network?

Actually yes. Some countries even put up regulations for
that (US: HIPAA). They mandate auto-logout with a timeout.

However, in many cases that won't really be practical in a
smaller setting such as a GP practice where it may make more
sense to have one dedicated *system* account (gmuser,
perhaps) which the machine is logged into. Users are then
only expected to logon to the client with their own *db*
credentials. This does not really, however, provide the
amount of security that would be needed. This can be
overcome by auto-logging out the system account after a
timeout and do re-login via fingerprint.

It may be worthwhile some day to add "change credentials" to
the GNUmed client proper which would then allow timed
auto-locking the client (with auto-save, then, perhaps) and
unlocking with different credentials. Or changing
credentials on the fly upon invoking a menu item.

Using your own account (system or db level or both) might be
made attractive by somehow measuring activity (level, not
content) and using that as a goodwill currency in, say,
acknowledgements or even payouts.

So, the entire thing is more social engineering than
anything else. We need to provide the appropriate tools for
that. That's also why PostgreSQL access configuration seems
very complex. Because sites have very diverging needs.

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346




reply via email to

[Prev in Thread] Current Thread [Next in Thread]