Rheuminations: New Rules for Rheumatologists

It seems to me that hospital information technology departments are conflating password security with file encryption. Computer encryption is very important because, without this feature, lost or stolen laptops or other mobile devices become highly vulnerable portals of entry into a network. In terms of network safety, encryption is a totally separate issue from the ill-conceived policy mandating new passwords every 2,000 hours. New passwords don’t enhance safety. They just give the false impression that they do, similar to the futility of frisking elderly, wheelchair-bound airline passengers waiting to board their planes. I decided to seek the opinions about password safety from my hospital’s two chief information officers. Neither has responded to my e-mail queries. Was this a deliberate act of avoidance or did they not receive my e-mails in the first place? Maybe I ought to send them each a fax.

Dr. Helfgott is physician editor of The Rheumatologist and associate professor of medicine in the division of rheumatology, immunology, and allergy at Harvard Medical School in Boston.

References

1. Maher B. New Rules for the New Year. New York Times, January 6, 2013; p. SR5. Available at www.nytimes.com/2013/01/06/opinion/sunday/new-rules-for-the-new-year.html?_r=0. Accessed March 13, 2013.
2. Brill S. Bitter Pill: Why medical bills are killing us. Time Magazine, March 4, 2013. http://healthland.time.com/2013/02/20/bitter-pill-why-medical-bills-are-killing-us. Accessed March 13, 2013.
3. Rosenthal JA, Lu X, Cram P. Availability of consumer prices from US hospitals for a common surgical procedure. JAMA Intern Med. 2013; Feb 11. [Epub ahead of print]
4. Herman B. CEO compensation of the 25 top-grossing non-profit hospitals. Becker’s Hospital Review. September 26, 2012. Available at www.beckershospitalreview.com/compensation-issues/ceo-compensation-of-the-25-top-grossing-non-profit-hospitals/print.html. Accessed March 13, 2013.
5. Song Z, Ayanian JZ, Wallace J, et al. Unintended consequences of eliminating Medicare payments for consultations. JAMA Intern Med. 2013;173:15-21.
6. Fackler M. In Japan, the fax machine is anything but a relic. New York Times. Feb. 14, 2013; p. A1. Available at www.nytimes.com/2013/02/14/world/asia/in-japan-the-fax-machine-is-anything-but-a-relic.html. Accessed March 13, 2013.
7. Florencio D, Herley C. Where do security policies come from? Symposium on Usable Privacy and Security (SOUPS) 2010. July 14–16, 2010, Redmond, WA. Available at http://research.microsoft.com/pubs/132623/WhereDoSecurityPoliciesComeFrom.pdf. Accessed March 13, 2013.