General Electric 2034539-048A MUSE V8 Advanced Security Guide (SM_2034539-048_A): MUSE™ Cardiology Information System Advanced Security Guide, Software Version 8.0, 2034539-048 A

GE Healthcare
MUSE™ Cardiology Information System
Advanced Security Guide
Software Version 8.0, 2034539-048A
MUSE Cardiology Information Systems, English. © 2011 General Electric Company. All Rights Reserved.

The information in this manual only applies to MUSE™ Cardiology Information System software version 8. It does not apply to earlier software versions. Due to continuing product innovation, specifications in this manual are subject to change without notice.

MUSE and InSite are trademarks owned by GE Medical Systems Information Technologies, Inc., a General Electric Company going to market as GE Healthcare. All other trademarks contained herein are the property of their respective owners.

The document part number and revision appear at the bottom of each page. The revision identifies the document's update level. The revision history of this document is summarized in the following table.

Revision   Date            Comment
A          29 March 2011   Initial Release
Contents

1 Introduction
  Security Features Overview ... 5
  Regulatory and Safety Information ... 5
    Safety Conventions ... 6
    Safety Hazards ... 6
  Document Conventions ... 6
    Typographical Conventions ... 6
    Illustrations ... 7
    Notes ... 7

2 MUSE Security Features
  Checklist for MUSE Security Features ... 9
  MUSE Features that Require Policies/Procedures ... 10
  Access Control Security ... 11
    MUSE Administrator Account ... 11
    MUSE Background Account ... 12
  Changing the Default System Accounts ... 12

3 User Authentication
  Windows Authentication vs. MUSE Authentication ... 13
  Allowing MUSE Authentication ... 13
  Unattended Workstation Security ... 14
    Setting Up Security for an Unattended Workstation ... 15

4 Accounting/Logging
  Print Log ... 17
  Change Log ... 17
  Edit Change Log ... 19
  Process Log ... 19
  Logging System Security Events ... 20

5 MUSE Web
  Configuring IIS to Log Website Activity on MUSE Web ... 23
  Setting up Client Browser for 128-bit Encryption ... 24

6 Anti-Virus Software and Security Updates
  Anti-Virus Software ... 25
  Security Updates ... 25

A Appendix A — HIPAA Overview
  HIPAA Introduction ... 27
  HIPAA Law Overview ... 27
  Privacy and Confidentiality ... 29
  Electronic Health Transactions and Code Sets Standards ... 30

B Appendix B — Summary of MUSE Security
  Introduction ... 33

C Appendix C — 21 CFR Part 11 Option
  Introduction ... 47
  Electronic Signature ... 47
  Other/Related Features ... 48

1 Introduction

Security Features Overview

The MUSE™ Cardiology Information System (also referred to as the MUSE system) has several security features which, when properly used and configured, can support U.S.A. facilities in complying with the Health Insurance Portability and Accountability Act (HIPAA) Security and Electronic Signature Standards. These security standards were designed to protect patients' health information from improper access, alteration, and loss when it is maintained or transmitted electronically.

For more information on the HIPAA Security and Electronic Signature Standards, refer to the following link:
http://ge.com/hipaa

Compliance with the HIPAA Security and Electronic Signature Standards cannot be attained solely through the use of the security features on the MUSE system. Sites which use the MUSE system to maintain and transmit patient health information must use the security features in conjunction with a security plan which provides for user training and secure physical access to patient health information.

This document is provided to describe how to properly set up and use the security features on the MUSE system. The responsibility of developing the security plan for user training and secure physical access to patient health information lies with the end user.

If you have any questions or need assistance with any of these security setups, call the GE Healthcare Support Center at 1-800-558-7044.

Regulatory and Safety Information

This section provides information about the safe use and regulatory compliance of this device. Familiarize yourself with this information and read and understand all instructions before attempting to use this device. The system software is considered medical software. As such, it was designed and manufactured to the appropriate medical regulations and controls. Any exceptions are noted in the Compliance Information - Exceptions section.

NOTE:
    Disregarding the safety information provided is considered abnormal use of this device and could result in injury, loss of data, and void any existing product warranties.
Safety Conventions

A Hazard is a source of potential injury to a person, property, or the product.

This manual uses the terms DANGER, WARNING, and CAUTION to point out hazards and to designate a degree or level of seriousness. Familiarize yourself with the following definitions and their significance.

Definitions of Safety Conventions

Safety Convention   Definition
DANGER              Indicates an imminent hazard, which, if not avoided, will result in death or serious injury.
WARNING             Indicates a potential hazard or unsafe practice, which, if not avoided, could result in death or serious injury.
CAUTION             Indicates a potential hazard or unsafe practice, which, if not avoided, could result in minor personal injury or product/property damage.

Safety Hazards

WARNING:
    INCORRECT TREATMENT: Some of the communications protocols used in this product (CSI and DCP) do not provide encryption or authentication at this time. These protocols are used to send clinical data to the MUSE system from ECG carts and other clinical devices.
    You should take appropriate steps to secure the privacy of communications on your network when using this product.

Document Conventions

This manual uses the following conventions.

Typographical Conventions

Convention            Description
Bold Text             Indicates keys on the keyboard, text to enter, or hardware items such as buttons or switches on the equipment.
Italicized-Bold Text  Indicates software terms that identify menu items, buttons or options in various windows.
CTRL+ESC              Indicates a keyboard operation. A plus (+) sign between the names of two keys indicates that while holding the first key, you should press and release the second key. For example, Press CTRL+ESC means to press and hold the CTRL key and then press and release the ESC key.
<space>               Indicates that you must press the spacebar. When instructions are given for typing a precise text string with one or more spaces, the point where you must press the spacebar is indicated as: <space>. This ensures that the correct number of spaces are inserted in the correct positions within the literal text string. The purpose of the <> brackets is to distinguish the command from the literal text within the string.
Enter                 Indicates that you must press the Enter or Return key on the keyboard. Do not type Enter.
>                     The greater-than symbol, or right angle bracket, is a concise method to indicate a sequence of menu selections.
                      For example, the statement "From the main menu, select System > Setup > Options to open the Option Activation window" replaces the following:
                      1. From the main menu, select System to open the System menu.
                      2. From the System menu, select Setup to open the Setup menu.
                      3. From the Setup menu, select Options to open the Option Activation window.

Illustrations

All illustrations in the manual are provided as examples only. Depending on system configuration, screens that appear in the manual may differ from the screens as they appear on your system.

All patient names and data are fictitious. Any similarity to actual persons is coincidental.

Notes

Notes provide application tips or additional information that, while useful, are not essential to the correct operation of the product. They are called out from the body text through a flag word and indentation, as follows:

NOTE:
    The tip or additional information appears indented below the NOTE flag word.

2 MUSE Security Features

Checklist for MUSE Security Features

When setting up security on the MUSE system, use the following checklist as a reminder of security features available on the system that address both HIPAA and FDA 21 CFR Part 11 requirements. Shaded features are not required for 21 CFR Part 11 compliance, but are considered good security practices.

FDA Requirement: Authentication & Authorization
  MUSE Feature: Access Control Security
    Configuration: MUSE Users' Password
    Recommended Solution: MUSE Admin, MUSE Bkgnd, and MUSE Users' passwords should adhere to the facility's best practice or policy.
  MUSE Feature: User Authentication
    Configuration: Windows Authentication
    Recommended Solution: Windows Users should be mapped to MUSE Users. The Allow Only Windows Authentication option is installed (1).
  MUSE Feature: Unattended Workstation Security
    Configuration: Logout or Lockout Screen Savers
    Recommended Solution: All workstations are configured to use the Logout Screen Saver or the Lockout Screen Saver.

FDA Requirement: Accounting & Tracking
  MUSE Feature: Windows Event Log
    Configuration: Audit Policy
    Recommended Solution: The Windows utility "Audit Policy" is set on the MUSE server and all workstations to log certain events.
  MUSE Feature: Audit Trails
    Configuration: Editor Security
    Recommended Solution: Enable the Change Log.

FDA Requirement: Data Integrity
  MUSE Feature: Secure Configuration
    Configuration: Remote Query
    Recommended Solution: The Remote Query feature is disabled.
    Configuration: User Entered Destination
    Recommended Solution: The User Entered Destination feature is disabled.

FDA Requirement: Web Encryption & Logging
  MUSE Feature: MUSE Web
    Configuration: SSL Encryption
    Recommended Solution: The MUSE file server is set to use SSL to force 128-bit encryption.
    Configuration: SSL Logging
    Recommended Solution: The MUSE file server is set to use IIS to log MUSE Web activities.

FDA Requirement: Anti Virus
  MUSE Feature: Anti Virus
    Configuration: Software Configuration
    Recommended Solution: Virus protection software is installed and properly configured on the MUSE file server and all workstations.

1. Enabling this feature requires the assistance of the GE Healthcare Support Center. Please dial 1-800-558-7044 to request assistance with activating this feature.

MUSE Features that Require Policies/Procedures

The following MUSE features require policies and procedures to achieve security compliance.

Policies and Procedures Required for HIPAA & 21 CFR Part 11 Security Compliance

MUSE Feature                         Why a Policy/Procedure is Needed
HL7 Device                           Patient data is leaving the system, so it is no longer change logged and access to the records is no longer protected.
Folder, FTP Folder, Email            Patient data is leaving the system, so it is no longer change logged and access to the records is no longer protected.
MUSE API                             Data is leaving the system and may not be under any security control.
Fax                                  Faxed information can be viewed by anyone, so a policy should be in place regarding cover pages and confidentiality of patient information. Work with your legal department in developing these policies/procedures.
Remote Query                         Data is leaving the system and may not be under any security control.
Allowing users to enter destination  Data is leaving the system and may not be under any security control.

Policies and Procedures Required for 21 CFR Part 11 Security Compliance

Feature                                                          Why a Policy/Procedure is Needed
Acquiring ECGs requires Technicians to enter ID Number at cart   Data leaves the system and is not under any security control.

Access Control Security

The MUSE system requires two Windows user accounts:
  MuseAdmin: used by GE Healthcare service personnel to access and work on the system
  MuseBkgnd: used by the MUSE system to run background Windows Services

Account names and passwords for the MUSE Admin and MUSE Bkgnd Windows user accounts are managed through Windows like any other Windows user account. Both accounts should have passwords that are set to never expire. If the passwords change, GE Healthcare service personnel may not be able to log into the system to provide support, and the background services will fail to start, causing the MUSE system to stop functioning. All other users of the MUSE system can use their normal Windows user credentials to access the MUSE system. Inside the MUSE application, the users are set up with their domain\user account information. No password information is required when configuring a MUSE user. The user passwords can be controlled or changed through Windows as required.

The following sections describe these accounts, how they are used, and the system requirements. These requirements are met by following the instructions in the MUSE Cardiology Information System Installation Manual.

MUSE Administrator Account

The MuseAdmin account is used by GE Healthcare service personnel to log into the MUSE system to perform initial setup and configuration, and to provide ongoing service and support.

This account must meet the following requirements:
  Needs to be a member of the Windows Administrators Group on the MUSE file server.
  Must be assigned a system administrator role in SQL server. For instructions on adding a system administrator role in SQL server, see the MUSE Cardiology Information System Installation Manual.
  Should be a domain account whenever possible. As an alternative, it can be an account local to the MUSE file server.
  Both the account name and password for the MUSE Admin account can be determined by the customer, but must be shared with GE Healthcare service personnel so that they can use that account when they work on the MUSE system. For instructions on changing the account name and password, see the MUSE Cardiology Information System Service Manual.
  The customer should not use this account for any purpose and should instead create an account for each individual user using the system.

MUSE Background Account

The MuseBkgnd account is used to start the MUSE related background services on the MUSE file server. This account needs to meet the following requirements:
  Needs to be a member of the Windows Administrators Group on the MUSE file server.
  Must be assigned a system administrator role in SQL server. For instructions on adding a system administrator role in SQL server, see the MUSE Cardiology Information System Installation Manual.
  Must not be subject to any policies that would not allow the account the "Log on As Service" right, since that right is a requirement for the account to be able to start the MUSE related background services.
  Should be a domain account whenever possible. As an alternative, it can be an account local to the MUSE file server.
  Both the account name and password for the MUSE Admin account can be determined by the customer, but must be shared with GE Healthcare service personnel so that they can use that account when they work on the MUSE system. For instructions on changing the account name and password, see the MUSE Cardiology Information System Service Manual.
  The customer should not use this account for any purpose and should instead create an account for each individual user using the system.

Changing the Default System Accounts

Customers using Windows authentication may choose to change the Windows account names, account passwords, or both to address security issues or to comply with changes in network standards at any time (see "Windows Authentication vs. MUSE Authentication" on page 13). The name and password changes are made using the Local Users and Groups function of the Administrative Tools on the MUSE file server. In addition, several command line utilities must be run to ensure that the changes are reflected in the MUSE system.

Customers using MUSE authentication may choose to change the passwords for the default accounts at any time (see "Windows Authentication vs. MUSE Authentication" on page 13). They cannot, however, change the account names. The password changes are made using the standard MUSE User Setup function.

For detailed instructions on changing the Windows account names, the Windows account passwords, or the MUSE account passwords, refer to the MUSE™ Cardiology Information System Service Manual.

3 User Authentication

MUSE provides two types of user authentication:
  Windows Authentication
  MUSE Authentication

Windows Authentication vs. MUSE Authentication

Using Windows Authentication on a MUSE workstation not only eliminates a second logon using MUSE authentication, but also supports a higher level of security, as is recommended to meet HIPAA compliance standards.

MUSE authentication is most commonly used on a client workstation that is shared by multiple users, and where those users do not want to log out of Windows and log back in to run the MUSE application and be recognized as a different user. Each person that runs the MUSE application on the shared workstation can log into MUSE with their own user name and password. To help meet HIPAA compliance, policies and procedures will need to be in place when using MUSE authentication.

Using Windows authentication, users are not required to log into the MUSE application separately. When the MUSE application is launched, MUSE will automatically log them in as the proper user, based on the user that is logged into Windows on that computer. Windows authentication supports a higher level of security as recommended to meet HIPAA compliance standards.

Allowing MUSE Authentication

By default, the system allows either MUSE or Windows authentication. To disable MUSE authentication on the system so that Windows authentication can be used, contact the GE Healthcare Support Center at 1-800-558-7044, or contact your regional support center if you are outside the United States.

If MUSE authentication is allowed, it can be enabled at individual workstations by adding the following switch to the shortcut that is used to launch MUSE: -museauthenticate.

If MUSE authentication is disabled and a user tries to log in using MUSE authentication, a message will appear stating MUSE authentication is not enabled.

If a user is logged into the MUSE system using their correct Windows authentication, an error message appears, but they will be allowed into the system.

If a user is logged into the MUSE system as a different user, and logs in using MUSE authentication, an error message appears and they will not be allowed into the system.

Unattended Workstation Security

Two options are available for setting up logout/lockout security on workstations that are left unattended for a specified amount of time:
  Logout: When a workstation is inactive (no mouse or keyboard input) for a specified amount of time, the current user will be logged off Windows, and the MUSE session will end.
  Lockout: When a workstation is inactive for a specified amount of time, the screen saver selected in the Control Panel is activated.

The following table summarizes these two options for unattended workstation security. Be sure you understand how each option impacts the user before choosing one of them. Inform all system users about how the unattended workstation security option affects their use of the system.

Differences between the Two Options for Unattended Workstation Security

Item: Access will be terminated after a predetermined time of inactivity
  Logout Screen Saver (WINEXIT): Yes
  Lockout Screen Saver (Logon with Password Protected): Yes
Item: Requires authentication to log back into the MUSE system
  Logout Screen Saver (WINEXIT): Yes
  Lockout Screen Saver (Logon with Password Protected): Yes
Item: The workstation is locked
  Logout Screen Saver (WINEXIT): No
  Lockout Screen Saver (Logon with Password Protected): Yes
Item: Users can unlock workstation
  Logout Screen Saver (WINEXIT): N/A
  Lockout Screen Saver (Logon with Password Protected): Last user; Administrator
Item: The MUSE application exits
  Logout Screen Saver (WINEXIT): Yes
  Lockout Screen Saver (Logon with Password Protected): No, if the last user unlocks the workstation; Yes, if the Administrator unlocks the workstation
Item: Lose unsaved changes
  Logout Screen Saver (WINEXIT): Yes
  Lockout Screen Saver (Logon with Password Protected): No, if the last user unlocks the workstation; Yes, if the Administrator unlocks the workstation
Item: Possibility of locking a record that was being edited when the screen saver took control (2)
  Logout Screen Saver (WINEXIT): Yes
  Lockout Screen Saver (Logon with Password Protected): No, if the last user unlocks the workstation; Yes, if the Administrator unlocks the workstation

2. If a record is locked, a message will be displayed indicating the record is being used by another workstation. The message will display the Node ID of the workstation that has locked the record. To unlock the record, a user with sufficient privileges can log on the workstation which has locked the record and start the MUSE application.

Setting Up Security for an Unattended Workstation

There are two ways you can set up security for an unattended workstation.
  WINEXIT can be used if you are running Windows XP.
  Setting up a scheduled task can be used no matter which Windows version you are using.

Configuring the Winexit.scr Screensaver for Windows XP

If you are running Windows XP, the Winexit.scr screensaver forces the user to quit programs and log off after a set period of inactivity. To install the winexit screensaver on a typical Windows XP system, use the following instructions or the instructions found at http://support.microsoft.com/kb/314999.

1. Download the file from the Windows 2003 Resource Kit at http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&=en, or use Windows Explorer to locate the Winexit.scr file in the Windows 2000 Resource Kit folder on your hard drive.
2. Right-click the Winexit.scr file, and then click Install.
   The Display Properties dialog box opens with the Screen Saver tab active, and the Logoff Screen Saver entry is automatically selected.
3. Click Settings.
4. Select the Force application termination check box to force programs to quit.
5. In the Countdown for n seconds box, type the number of seconds the logoff dialog box will appear before the user is logged off.
6. In the Logoff Message box, type the message that appears during the logoff countdown.
7. Click OK.
8. In the Display Properties dialog box, click Preview.
   It displays the logoff message and the countdown timer.
9. Review the Auto Logoff dialog box.
10. Click Cancel.
11. Click OK to save the settings.

Alternative to WINEXIT

The other way to log off users after inactivity is to use the psshutdown.exe program from Sysinternals. This program will log out the currently logged in user on the system where it is installed. You can use the system scheduler to run this task after the system has been idle.

1. Log on to http://technet.microsoft.com/en-us/sysinternals/bb897541.aspx for instructions and download the Sysinternals psshutdown.exe command.
2. Place the file into the C:\windows folder.
3. Schedule a task as the local administrator using c:\windows\psshutdown.exe -o -f.
4. Under the Schedule tab > Schedule Task, select When idle.
5. In the field When the computer has been idle for, enter the number of minutes before automatic shutdown.
6. Under the Settings tab, leave the 72 hours at the top as is. Select Only start the task if the computer has been idle for at least:, and enter the number of minutes that the computer can be idle.
7. Leave If the computer has not been idle that long, retry for up to: at zero.
8. Leave all other boxes beyond this point empty.
9. Exit the screen.

4 Accounting/Logging

Print Log

Outbound events refer to data that is sent out of the MUSE system, such as patient tests, reports, sending out lists for printing, and so on.

The system logs the following outbound events:
  Printing to Postscript and PCL printers
  Fax
  CSI
  Email
  HL7
  Folder
  FTP Folder

These outbound events can be viewed in the Print Log. To open the Print Log, select Status > Print Log.

Refer to the MUSE Cardiology Information Systems Operator Manual for instructions on configuring the Print Log.

Change Log

The Change Log tracks changes to patient data and may facilitate finding a test that had incorrect data entered on the device and has since been corrected in the MUSE system.

The Change Log function must be activated within System > Setup > Sites > Test Type Settings. All changes made to a record appear in the Change Log. This includes changes to patient demographics, test measurements, and diagnostic statements within the interpretive window.

NOTE:
    You cannot view the Change Log at the Serial Comparison layout.

1. At the Edit list, open a patient test.
2. Select the Clerical tab.
3. Click the Change Log button to open the Change Log window.
   Each time you make a change to a patient test (including changes made at the HIS), the changes are recorded. After a test is updated or saved in the database, the changes are saved by date.
4. To view the change log details, double-click on a changed item to expand it.
   The Change Log Entry Details window opens. This window is helpful when displaying long fields such as the diagnosis.
5. To print the Change Log:
   a. Click the Print button.
      The Select Device and Formatting Options window opens.
   b. Make the appropriate choices and click OK to print the log.
6. To enable the display of supplemental test fields that are generated and maintained by the MUSE system, select the Show Changes for Virtual Fields check box. Examples of some of these fields are: Edit Time, Edit Date and identification codes that uniquely identify the patient to the MUSE system.
7. Click Close when finished to exit the Change Log.

Edit Change Log

The Edit Change Log is a list of changes made to a test's patient ID, name (first and last), location, date and time. The log exists to facilitate finding a test that had incorrect data entered on the device and was corrected in the system.

Process Log

The Process Log is a list of all of the processes the system ran. This log includes processes currently running and those that terminated successfully. You can identify current processes because they do not have an end time. Processes with an old start time and no end time have most likely failed and can be investigated for issues.

Logging System Security Events

The MUSE application server and workstations should be configured to log Windows security events to the Windows Event Viewer. At each file server and workstation, repeat the following steps to set up this audit.

1. Click Start > Programs > Administrative Tools > Local Security Policy.
   The Local Security Settings window opens.
2. Select Local Policies > Audit Policy.
3. Click on each event and select the check boxes indicated in the following table.

   Event                           Success   Failure
   Audit account logon events
   Audit account management
   Audit directory service access
   Audit logon events
   Audit object access
   Audit policy change
   Audit privilege use
   Audit process tracking
   Audit system events
   (The Success and Failure check marks for each event are not recoverable in this copy of the table.)

4. Click OK to save your changes.
5. Close the Local Security Settings window.

5 MUSE Web

Internet Information Services (IIS) is required on the MUSE Web server. To access the MUSE Web, the user must have their browser configured for 128-bit encryption.

For detailed procedures, see the MUSE Web Server Instruction Guide to Enabling SSL.

Configuring IIS to Log Website Activity on MUSE Web

The MUSE application server should be configured to enable logging of Website activity as follows:

1. Right-click My Computer and select Manage.
2. Expand Services & Application > Internet Application Services > Web sites in the list found in the Tree list (left panel).
3. Right-click on MUSE Web site and select Properties in the Web site tab.
4. Make sure that the Enable Logging check box is selected in the Web site tab.
5. For Active log format, make sure it is W3C Extended Log File Format.
6. Select Properties.
   a. Select the General tab.
   b. Select Weekly for New Log Time Period.
   c. Make sure the Log file directory is %WinDir%\System32\LogFiles.
   d. Select the Advanced tab.
   e. Add/delete/verify check marks to obtain the following Extended Logging Options:
      Date
      Time
      Client IP Address
      User Name
      Service Name
      Server Name
      Server IP
      Server Port
      Method
      URI Query
      Http Status
      Win32 Status
      Bytes Sent
      Bytes Received
      Time Taken
      Protocol Version
      User Agent
      Cookie
      Referer
   f. Click OK to close the Logging Properties window.
   g. Click OK to close the Web site Properties window.
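The W3C Extended log that these steps turn on is plain text whose #Fields directive names the columns, so it can be reviewed with a short script. The following Python is an added example, not code from this guide or from the MUSE product: it parses constructed sample log lines in that format, checks that the Extended Logging Options listed above are present, counts requests per Windows user, and lists client addresses with repeated 401 responses for follow-up. The IIS field names in the #Fields line and the sample log are assumptions made for the example.

```python
"""Parse IIS W3C Extended log lines written by the MUSE Web site and
summarise them for review.

Added example; it is not part of the GE guide or the MUSE product. The
field names are the ones IIS writes in its #Fields directive for the
Extended Logging Options enabled above. SAMPLE_LOG is constructed data.
"""
from collections import Counter, defaultdict

# IIS #Fields names for the Extended Logging Options the guide enables
# (URI Stem is not in the guide's list, so it is not required here).
REQUIRED_FIELDS = {
    "date", "time", "c-ip", "cs-username", "s-sitename", "s-computername",
    "s-ip", "s-port", "cs-method", "cs-uri-query", "sc-status",
    "sc-win32-status", "sc-bytes", "cs-bytes", "time-taken", "cs-version",
    "cs(User-Agent)", "cs(Cookie)", "cs(Referer)",
}

EMPTY = "-"  # W3C marker for a field that has no value

# Constructed sample log: three anonymous requests from one client that are
# refused (401), then authenticated Windows-user requests, then one request
# an authenticated user was not authorised for (403).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2011-03-29 08:00:00
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs(User-Agent) cs(Cookie) cs(Referer)
2011-03-29 08:00:01 10.0.0.15 - W3SVC1 MUSESRV 10.0.0.5 443 GET - 401 5 1432 312 15 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) - -
2011-03-29 08:00:02 10.0.0.15 - W3SVC1 MUSESRV 10.0.0.5 443 GET - 401 5 1432 312 12 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) - -
2011-03-29 08:00:04 10.0.0.15 - W3SVC1 MUSESRV 10.0.0.5 443 GET - 401 5 1432 312 11 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) - -
2011-03-29 08:00:09 10.0.0.15 HOSP\\jdoe W3SVC1 MUSESRV 10.0.0.5 443 GET testid=1001 200 0 58213 420 94 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) ASPSESSIONID=abc -
2011-03-29 08:00:11 10.0.0.22 HOSP\\asmith W3SVC1 MUSESRV 10.0.0.5 443 GET testid=1002 200 0 61020 415 88 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) ASPSESSIONID=def https://musesrv/default.asp
2011-03-29 08:00:12 10.0.0.22 HOSP\\asmith W3SVC1 MUSESRV 10.0.0.5 443 GET admin=1 403 5 1245 398 9 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0) ASPSESSIONID=def https://musesrv/default.asp
"""


def parse_w3c_log(text):
    """Return (fields, records) for W3C Extended log text.

    Lines starting with '#' are directives; only #Fields matters here, and
    a later #Fields directive (IIS writes one at each log rollover) replaces
    the field list for the lines that follow. Values are space separated and
    IIS encodes spaces inside a value as '+', so a plain split is safe.
    """
    fields = []
    records = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        if not fields:
            raise ValueError("line %d: data before any #Fields directive" % lineno)
        values = line.split(" ")
        if len(values) != len(fields):
            raise ValueError("line %d: expected %d fields, got %d"
                             % (lineno, len(fields), len(values)))
        records.append({name: (None if value == EMPTY else value)
                        for name, value in zip(fields, values)})
    return fields, records


def missing_fields(fields):
    """Extended Logging Options from the guide that this log does not carry."""
    return sorted(REQUIRED_FIELDS - set(fields))


def requests_per_user(records):
    """Requests per authenticated Windows user; '(anonymous)' when none logged."""
    counts = Counter()
    for record in records:
        counts[record.get("cs-username") or "(anonymous)"] += 1
    return counts


def refused_by_client(records, statuses=(401, 403)):
    """Map client IP -> Counter of HTTP status codes for refused requests."""
    refused = defaultdict(Counter)
    for record in records:
        status = int(record.get("sc-status") or 0)
        if status in statuses:
            refused[record.get("c-ip") or "?"][status] += 1
    return refused


def repeated_logon_failures(records, threshold=3):
    """Client IPs that drew at least `threshold` 401 responses: the addresses
    a reviewer would check first when auditing MUSE Web access."""
    refused = refused_by_client(records, statuses=(401,))
    return sorted(ip for ip, counts in refused.items() if counts[401] >= threshold)


if __name__ == "__main__":
    log_fields, log_records = parse_w3c_log(SAMPLE_LOG)
    print("missing fields:", missing_fields(log_fields))
    print("requests per user:", dict(requests_per_user(log_records)))
    print("repeated 401s from:", repeated_logon_failures(log_records))
```

Point parse_w3c_log at the contents of a file from %WinDir%\System32\LogFiles to run the same checks on a real log.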

Setting up Client Browser for 128-bit Encryption

The MUSE Web server will only allow 128-bit encryption accesses. Users will need to update their Internet Explorer (IE) 5.0 or 6.0 to have the "High Encryption Pack" installed.

NOTE:
    The High Encryption Pack can be downloaded from the Microsoft Web site.

The following steps describe how to determine the IE encryption level.

1. Start Internet Explorer.
2. Select Help > About Internet Explorer.
3. If Cipher Strength is less than 128-bit, you will need to install the High Encryption Pack.

6 Anti-Virus Software and Security Updates

Anti-Virus Software

GE Healthcare has validated the proper operation of the MUSE system with Norton Anti-Virus Corporate Edition and McAfee NetShield installed. Either of these two virus protection software applications can be installed on the system without affecting function or performance.

Anti-virus software is not provided with the MUSE system. It remains the customer's responsibility to acquire and install anti-virus software on their MUSE system per the recommendations of the manufacturer of the anti-virus software.

See the MUSE Pre-Installation Manual for additional information on installing anti-virus software on the MUSE system. When properly used, anti-virus software can protect the MUSE system from virus infection and the subsequent data corruption which can result from a virus infection. However, if improperly configured, anti-virus software can cause system degradation.

Security Updates

A list of viruses that pose a significant threat to GE Healthcare customers' product security is posted on the GE Healthcare Product Security website.

As new vulnerabilities and potential security issues arise, GE Healthcare makes every effort to quickly identify and notify customers of approved fixes. Time is required for GE Healthcare to identify the vulnerability, test the fix, and run a validation test on the product for safety and functionality. Only after this rigorous process does GE Healthcare release the official patch. While we recognize the urgency to correct these problems, we must ensure that the integrity of the system is not compromised.

After security patches are validated for specific GE Healthcare products, the information is added to the Product Security website. You can download the patch directly from the website of the software manufacturer (Microsoft, and so forth) and apply it to your GE Healthcare product. To check on the latest information regarding validated security patches:

1. Browse to the GE Healthcare Product Security website: http://prodsecdb.gehealthcare.com
   The Single Sign On (SSO) window opens.
2. Enter your SSO number and password and click Log In.
   If you do not have an SSO number, click the Sign Up link to obtain one.
3. Use the features on the GE Healthcare Product Security Database Website to determine security patches that you can apply to your system.
AppendixA—HIPAAOverview

HIPAAIntroduction

ThefutureofhealthcareintheUnitedStateschangedonAugust2,1996when theHealthInsurancePortabilityandAccountabilityAct(HIPAA)becamelaw.The complexandfar-reachingfederallegislationsignicantlyaffectseverypersonand organizationinvolvedinhealthcare.HIPAArulesspelloutstandardsandrequirements forprotectingthecondentiality,security,andintegrityofallhealthinformation.

HIPAALawOverview

The primary goals of HIPAA are quantification of consumer health care rights along with improved privacy and security of medical records. The two main components of HIPAA are Health Care Portability and Administrative Simplification. The Health Care Portability legislation became effective in 1996. The Portability part of HIPAA is well understood and was successfully implemented by the U.S. government and the medical industry in 1996 and 1997. The Portability legislation guarantees the following rights to health care consumers:
- Improved availability and accessibility of health insurance
- Guaranteed right of portability and continuity of health insurance coverage for individuals and groups
- Prohibition of discrimination based on health status
HIPAA's Administrative Simplification provision is composed of four parts and involves these health care issues:
- Standardization of electronic transfers of patient health, administrative, and financial data
- Privacy and security standards protecting the confidentiality and integrity of health information
- Unique health identifiers for individuals, employers, health plans, and health care providers
Each part will eventually produce a variety of rules and standards. Many of the rules and standards are under development. As the rules and standards are finalized and become law, they will have different compliance deadlines. The four parts of Administrative Simplification are:
- Electronic Health Transactions Standards
- Unique Identifiers
- Security & Electronic Signature Standards
- Privacy & Confidentiality Standards
HIPAA's complexity confuses customers. Even the HIPAA name causes confusion. Recently the scope of the term HIPAA changed. Initially HIPAA referred to all parts of the legislation. Current usage narrows HIPAA's meaning to the rules generated from the Administrative Simplification subsection. GE Healthcare follows common usage, and unless otherwise noted, HIPAA refers to the rules developed from the Administrative Simplification subsection.
The main components of HIPAA and their relationships are presented in the following diagram.
The HIPAA component with the greatest impact on GE Healthcare customers is the Privacy Standard, as defined in the Administrative Simplification subsection. The Final Version of the Privacy Standard, (Standards for Privacy of Individually Identifiable Health Information, 45 CFR Parts 160 and 164), was published in the Federal Register on December 20, 2000.
The HIPAA implementation and enforcement schedule spans several years. The Privacy Standard becomes enforceable on April 14, 2003. The following table summarizes the HHS release status and timetable for the HIPAA rules.
HIPAA Rules and Rulemaking Timetable

Standard                                    Publication Date    Final Ruling        Required Compliance
1. Insurance Portability                    August 02, 1996     August 02, 1996     July 01, 1997
2. Electronic Transactions & Code Sets (3)  May 07, 1998        August 17, 2000     October 16, 2003
3. Privacy & Confidentiality                November 03, 1999   December 28, 2000   April 14, 2003
4. National Provider Identifier             May 7, 1998         Expected 2002
5. National Employer Identifier             June 16, 1998       Expected 2002
6. Security                                 August 12, 1998     Expected 2002       –
7. National Health Plan Identifier          In Development
8. Claims Enforcement Procedures            In Development
9. National Individual Identifier (4)       Withdrawn

(3) In January, 2002 the Bush Administration extended the deadline for the 'Electronic Transactions & Code Sets' from Oct 2002 until October 2003.
(4) Although the HIPAA law called for a unique health identifier for individuals, HHS and Congress indefinitely postponed any effort to develop such a standard. (HHS Fact Sheet, Administrative Simplification, 2001)

Privacy and Confidentiality

The Final Rule for Privacy was published December 28, 2000. Compliance will be required on April 14, 2003 for most covered entities. In general, privacy is about who has the right to access personally identifiable health information. The rule covers all individually identifiable health information in the hands of covered entities, regardless of whether the information is or has been in electronic form. The Privacy standards limit the non-consensual use and release of private health information; give patients new rights to access their medical records and the right to know who else accessed them; restrict most disclosure of health information to the minimum needed for the intended purpose; establish new criminal and civil sanctions for improper use or disclosure; and establish new requirements for access to records by researchers and others.
The Privacy and Confidentiality regulations incorporate five basic patient rights related to health care information:
- Consumer Control: The regulation provides consumers with critical new rights to control the release of their medical information.
- Boundaries: With few exceptions, an individual's health care information should be used for health purposes only, including treatment and payment.
- Accountability: Under HIPAA, for the first time, there will be specific federal penalties if a patient's right to privacy is violated.
- Public Responsibility: The new standards reflect the need to balance privacy protections with the public responsibility to support such national priorities as protecting public health, conducting medical research, improving the quality of care, and fighting health care fraud and abuse.
- Security: It is the responsibility of organizations that are entrusted with health information to protect it against deliberate or inadvertent misuse or disclosure.

Electronic Health Transactions and Code Sets Standards

Health care organizations routinely store and transmit medical information in electronic format. Electronic medical information is manipulated through a wide variety of encoding schemes and formats. Standard electronic data interchange improves the efficiency of health care delivery. National standards make it easier for health plans, doctors, hospitals, and other health care providers to process claims and other transactions (HHS Fact Sheet, Administrative Simplification, 2001). The government and the medical industry perceive standardized representations of routine medical data as beneficial for all parties involved. The Transactions Standards mandate use of standardized electronic formats developed by the American National Standards Institute (ANSI). The Code Set Standards require use of the most commonly used medical terminology code sets. Final standards for electronic transactions and code sets were released in August 2000. The original compliance deadline of October 2002 was extended to October 2003.
The Transactions Standards specify the format and content of the following medical transactions:
- Health claims or equivalent encounter information transfer
- Health claims attachments
- Enrollment and disenrollment actions in a health plan
- Eligibility status in a health plan
- Health care payment and remittance advice
- Health plan premium payments
- First report of injury
- Health claim status
- Referral certification and authorization
Health organizations must adopt standard code sets for all health transactions. Code sets are alphanumeric identifiers representing medical data. Medical coding systems describe diseases, injuries, and other health problems, as well as causes, symptoms, and actions taken. All parties exchanging medical transactions must generate and accept the same coding. Consistent coding reduces mistakes, duplication of effort, and costs. HIPAA specifies the following commonly used code sets:
- International Classification of Diseases, 9th Edition, Clinical Modification, (ICD-9-CM), Vols 1, 2, 3
- National Drug Codes (NDC)
- Code on Dental Procedures and Nomenclature
- Health Care Financing Administration Common Procedure Coding System (HCPCS)
- Current Procedural Terminology, Fourth Edition (CPT-4)
The Transactions Standards regulate information related to health insurance status and remittance. GE Healthcare cardiology products are clinical systems and rarely (if ever) process the health insurance and remittance information affected by the Transactions Standards. The GE Healthcare cardiology products are not affected by the Transactions Standards.
The Code Set Standards regulate use of clinical medical information. The Code Set Standards may affect GE Healthcare cardiology equipment. The cardiology equipment may need to support input of code set values when test information is acquired.
Appendix B — Summary of MUSE Security

Introduction

The GE Healthcare Product Security website has the HIMSS Manufacturer Disclosure Statement for Medical Device Security or MDS2 form for different MUSE versions. This form has some of the same answers as those found in this section. See http://prodsecdb.gehealthcare.com/ and login with your Single Sign On (SSO). If you do not have an SSO, click the Sign Up link to obtain one.
The following table is based on a MUSE system running version 8 without the MUSE Web option. These tables are in direct response to the need for security features in medical systems. GE Healthcare provides these answers to assist you in discovering your risks and in the creation of your mitigation plan. GE Healthcare provides these answers to the best of our knowledge given the requirements and current state of the product.
This document contains a summary of the Legal Requirements of the Health Insurance Portability and Accountability Act (HIPAA). It is not intended as legal advice. Every entity must make its own judgment regarding what will be required to enable it to comply with HIPAA. General Electric Company reserves the right to make changes in specifications and features shown herein, or discontinue the product described at any time without notice or obligation. Contact your GE Healthcare representative for the most current information.
Background Information
Enter any description that helps clarify the security context. The security context would include product options, environmental conditions, and so forth: Unknown
Does the product Capture, Store, or Transmit any Patient identifiable data? Yes
Identify the architecture that best describes this product: 3 tier application
What Operating System is this product Client based on? Windows XP
What Operating System is this product based on (or in the case of client/server products, what is the server)? WIN2003
Which GSP Platform does the product utilize? None
Can the product display a customer supplied message on bootup or login? Yes & No, the application cannot, but Windows can at login
Does the product provide a training mode that allows for training without corrupting the operational data? No

Network Presence
Does this product have a communications/network interface (Not including Remote Service)? Yes
Identify all of the Communications interfaces that this product has:
  Ethernet: Yes
  Token-Ring: No
  ATM: No
  RF (802.11, bluetooth, other radio): No
  COTS Modem: Yes
  Other Modem (eg SDLC): No
  Direct Serial: Yes
  Other: No
Does this product have a Database? Yes, SQL Server 2005
Identify all of the Services/Protocols the product provides:
  Any Direct Network db Access (JDBC, ODBC, SQL, etc): Yes
  DICOM: No
  HL7: Yes
  XML: Yes
  HillTop: Yes
  Unity: No
  AdvantageNET: No
  PostScript or PCL printers: Yes
  SMTP or MAPI: Yes
  FAX: Yes
  SNMP: Yes
  FTP: Yes
  Telnet/X windows: No
  Share (NFS, SMB, etc.): Yes
  Customer Accessible API? Yes
  Other: No
  None: No
Identify the modes of Network Communications of Patient Identifiable Data that is supported using the above protocols:
  Send Patient Identifiable Data to other systems: Yes
  Receive Patient Identifiable Data from other systems: Yes
  Provide a Query interface that other systems can use to extract Patient Identifiable Data: Yes
Does this product have a Web Server? Yes
Transactions, Code Sets, and Identifiers
Identify all of the Code Sets this product sends or receives:
  non-standard equivalents to X12N Transactions (Billing EDI transactions)? No
  standard X12N Transactions (Billing EDI transactions)? No
  non-standard equivalents to CDT code sets (Dental Services)? No
  standard CDT code sets (Dental Services)? No
  non-standard equivalents to CPT4 code sets (Physician services)? No
  standard CPT4 code sets (Physician services)? No
  non-standard equivalents to ICD9 code sets (Diseases, injuries, etc)? No
  standard ICD9 code sets (Diseases, injuries, etc)? No
  non-standard equivalents to NDC code sets (Drugs and Biotics)? No
  standard NDC code sets (Drugs and Biotics)? No
  non-standard equivalents to HCPCS code sets (other services)? No
  standard HCPCS code sets (other services)? No
  User (soft) configured codes that may be configured to include CDT, CPT4, ICD9, NDC, or HCPCS? Yes
  None of the above: No
Identify all of the identifiers this product supports:
  "National Provider Identifier" (USA Unique identifier for all individuals providing health care services)? No
  "National Employer Identifier" (USA Unique identifier for all health care facilities)? No
  "National Payer Identifier" (USA Unique identifier for all insurance carriers)? No
  None of the above: Yes
User Identification
Does the product provide for individual identification (accounts) of clinical users (excluding service users)? Yes
What is the maximum number of accounts (0 <zero> ==> theoretically infinite)? 10,000
Does the product support passwords for authentication of the clinical users? Yes
Does the product utilize the operating system authentication for clinical users? Yes
Does the product place constraints on user name? 16 char. max
Identify all of the authentication technologies this product supports:
  Windows Domain: Yes
  Microsoft Active Directory: Yes
  Non-Windows Kerberos: No
  NIS/YP: No
  CCOW: No
  Other: No
  None: No
During login does the product inform the user of the last time the system was accessed using that user account? No
Can the user authentication be augmented by a biometric, token, or other method besides passwords? Yes
Identify all of the advanced authentication the product supports:
  tokens: Yes
  smart cards: Yes
  badge readers: No
  written signature verification: No
  one-time password generators: No
  biometric identifiers: No
  Certificate identification: No
  dial-back modems: No
  Other: No
  None: No
How does the customer get these advanced authentication methods? Customer supplied
User Account Maintenance
Identify all of the information associated with a user account:
  Full Name: Yes
  Additional Identifier: Yes
  Title: Yes
  Department: No
  Phone Number: Yes
  E-mail Address: Yes
  Street Address: No
  FAX Number: Yes
  Other: No
  None: No
Who can administer user accounts? Multiple Accounts
Identify all of the User Administrative controls supported:
  Audit Log of all account changes: No
  Set an account inactive without removing the account? Yes
  Force a logoff of an active user? No
  Automatic de-activation of an account on a specified date or number of days/time? No
  Automatic de-activation of an account after a configured number of days of non-use? No
  Other: No
  None: No
Identify all of the User Account Reports supported:
  List of all user accounts: Yes
  List of currently active users: Yes
  List of all user accounts with last used date/time: No
  Other: No
  None: No
When an account is marked inactive or deleted does the product disable in real-time any active sessions using that ID? Yes
Does the product provide a tool for batch management of user accounts? Yes

Authorizations
Does the product support multiple levels of access control that can be assigned to user accounts? Yes
Does the product support multiple levels of access control that can be assigned to groups of user accounts? Yes
Identify all of the access control rights that can be applied to a user:
  View Patient Identifiable Data on screen: Yes
  Print Patient Identifiable Data to paper or film: Yes
  Modify Patient Identifiable Data: Yes
  Export Patient Identifiable Data to removable digital media: No
  Delete: Yes
Identify all the methods by which the access control rights are applied:
  Access at database view level: No
  Access at file level: No
  Access at file system directory level: No
  Time-of-Day: No
  Weekly Schedule: No
  Workstation (location): No
  Other: Yes
  None: No
Does product hide functionality that the user does not have rights to (to prevent the user from even knowing a functionality exists)? Yes
Does the product further restrict access based on patient specific consent? No

Auto-Logoff
Identify all of the inactivity Auto Logoff capability supported:
  Unprotected Screen Saver: Yes
  Password protected Screen Saver (screen blanking): Yes
  Application Logout: No
  Application blanking, with re-authentication allowing continuation: No
  Other: No
  None: No
Can the administrator override any inactivity screen/application blanking? Yes
Identify how the inactivity timeout can be configured:
  System Wide: No
  Workstation (location): Yes
  Per-User: Yes
Device to Device Authentication
Identify all of the entity authentication that is used, when communicating and the remote user is not or cannot be authenticated:
  serial number: No
  Mac address: No
  IP Address: No
  AE-Title: No
  Process identifier: No
  Task identifier: No
  Unidirectional PKI certificate challenge (ex: simple SSL): No
  Bidirectional PKI certificate challenge (ex: client and server auth SSL): No
  Other: No
  None: Yes

Log All Security Events
Identify all of the Security Events that can be logged:
  Machine Shutdown: Yes
  Machine Boot: Yes
  Application start: Yes
  Application stop: Yes
  Network link/connection failures: Yes
  Data Integrity failure: No
  Successful User Login: Yes
  Failed User Login: Yes
  User Logout: Yes
  Auto-Logoff: Yes
  Forced logoff by administrator: No
  A user changed their password: Yes
  An admin reset/cleared a user's password: Yes
  Attempt by a user to access function/data that they do not have access to: No
  User/Group account creation: Yes
  User/Group account deletion: Yes
  User/Group Access rights modification: No
  Other: No
  None: No
Identify all of the contents of a Security Event log entry:
  Date and Time: Yes
  Time to millisecond accuracy: No
  Identifier of the User: Yes
  Identifier of the device (workstation, IP, or other station identification): Yes
  Event description: Yes
Are these security events tracked in a different log than patient identifiable data related events? Yes
On failed authentication attempts, is the password attempted entered into the log? No
Is the log file persistent (NOT automatically overwritten or deleted)? Not limited
Is access to this log restricted to authorized individuals? Yes
Can the customer specify the list of events to track? No
Log All Patient Data Views
Identify all of the Patient Identifiable Data View events that can be logged:
  Printouts: Yes
  Export to files: Yes
  Export to removable media: Yes
  Faxed: Yes
  E-Mailed: Yes
  View by browser: Yes
  View by client application: No
  Retrieved over network protocol (DICOM, XML, API, etc.): No
  De-identification: No
  Other: No
  None: No
Identify all of the contents of a Patient Identifiable Data View log entry:
  Date and Time: Yes
  Time to millisecond accuracy: No
  Identifier of User: Yes
  Identifier of Device (workstation, IP, or other station identification): Yes
  Identifier of the application: No
  Identifier of the function within the application: No
  Identification of the Patient: Yes
  How long the data was displayed: No
  Event description: Yes
Is the log file persistent (NOT automatically overwritten or deleted)? Not limited
Is access to this log restricted to authorized individuals? Yes
Can the customer specify the list of events to track? No
Log All Patient Data Modifications
Identify all of the Patient Identifiable Data Modification events that can be logged:
  Modification of clinical data prior to a final report (diagnosis, medications, observations, measurements, etc.): Yes
  Modification or amendments to a final report: Yes
  Modification of patient demographics: Yes
  Modification of test date, time, or setup parameters: Yes
  Modification of diagnosis: Yes
  None: No
Identify all of the contents of a Patient Identifiable Data Modification log entry:
  Date and Time: Yes
  Time to millisecond accuracy: No
  Identifier of User: Yes
  Identifier of Device (workstation, IP, or other station identification): Yes
  Identifier of the application: No
  Identifier of the function within the application: No
  Identification of the Patient: Yes
  Event description: Yes
Is the log file persistent (NOT automatically overwritten or deleted)? Not limited
Is access to this log restricted to authorized individuals? Yes
Can the customer specify the list of events to track? No

Log All Changes to the Configuration
Identify all of the Configuration Change events that can be logged:
  Change of the system Date and/or Time: No
  Installation of patches, maintenance, FMI, hotfix, etc.: Yes
  IP Address or other network configuration: No
  Analysis algorithm parameters: No
  Creation, modification, or deletion of output devices/API/interface/AE: No
  Creation, modification, or deletion of input devices/API/interface/AE: No
  Other: No
  None: No
Identify all of the contents of a Configuration Change log entry:
  Date and Time: Yes
  Time to millisecond accuracy: No
  Identifier of User: No
  Identifier of Device (workstation, IP, or other station identification): No
  Identifier of the application: No
  Identifier of the function within the application: No
  Event description: Yes
Is the log file persistent (NOT automatically overwritten or deleted)? Date limited
Is access to this log restricted to authorized individuals? Yes
Can the customer specify the list of events to track? No
Audit Log Viewing
Is there protection against ALL modification of all log files? Yes
Is deletion of a log tracked in a different log? No
Is viewing of a log tracked in a different log? No
Does the product provide alerts based on automated advanced log analysis? No
Are the audit trail alerts tracked in a log? No
Is there a time synchronization function included and documented? Yes

Audit Log Mining
Does the product support the use of third-party audit mining packages? No
Does the product support a mechanism for creating a text based audit log (or are the audit logs already text)? No
Does the product integrate with CA Unicenter or HP Openview? No
Does the product provide searching tools for the audit logs? No
Does the product provide sorting tools for the audit logs? Yes
Identify all of the Audit Trail Reports that can be created:
  Users accessing records with the same last name as the user: No
  Users accessing records with the same address as their address: No
  Access to records that have not been accessed in a long time: No
  Access to an employee's own patient data: No
  Accesses to minor's patient data: No
  Accesses to terminated employees' patient identifiable data: No
  Multiple login attempts with improper authentication: No
  All users that have used a specific function: No
  All activity of a specific user: No
  All accesses to a specific patient: No
  All activity from a specific workstation or communications link: No
  All login and logout activity within a period of time: No
  All login failures: No
  All Access control failures: No
  All Modifications to security settings: No
  All changes to authentication settings: No
  All access via remote service interface: No
  All changes to the audit trails configuration: No
  Other: No
  None: Yes

Configuration Lockdown & Security Fixes
Is this OS configured to meet DOD-C2 Compliance? No
Have unnecessary services and protocols been turned off? Yes
Have unnecessary services and protocols been uninstalled? Yes
Are default passwords documented in any form of manual? Yes
Are passwords that are not changeable used for administrative accounts? No
Is the SNMP community name set to "public" or "private"? No
Is there documentation available that describes the services and protocols that are necessary for proper operation of the product? Yes
Is the customer free to apply any Operating System or tool vendor fixes to the product? No
Does the M4 release contain all security fixes for the OS, database, or any other third party tools within 6 months of the M4 date? Yes
For Operating Systems:
  The typical time window between when a patch is available and when it can be applied to a customer system is 6 months: Yes
  The typical time window between when a patch is available and when it can be applied to a customer system is 12 months: Yes
  The customer can get OS fixes that are no more than 12 months old: Yes
Is this database configured with the minimal services and protocols running? Yes
For Databases:
  The typical time window between when a patch is available and when it can be applied to a customer system is 6 months: Yes
  The typical time window between when a patch is available and when it can be applied to a customer system is 12 months: Yes
  The customer can get database fixes that are no more than 12 months old: Yes
Does the product include other third party tool or application (Backup software, SNMP agent, pcAnywhere, maintenance tool, Microsoft Office, etc.)? Yes
For other 3rd party tools:
  The typical time window between when a patch is available and when it can be applied to a customer system is 6 months: Yes
  The typical time window between when a patch is available and when it can be applied to a customer system is 12 months: Yes
  The customer can get 3rd party tool fixes that are no more than 12 months old: Yes
List any Third Party Applications, Tools, Libraries, Drivers? InSite 2, Antivirus software, Digiboard, IE, MSDE, MDAC, MMC, Disk

AntiVirus
Are all product releases and maintenance releases scanned for any malicious code (Virus, Worm, Trojan)? Yes
Identify all of the Malicious Code detection supported:
  Host based Intrusion Detection: No
  Norton AntiVirus: Yes
  McAfee AntiVirus: Yes
  Other Windows AntiVirus: No
  Customer supplied AntiVirus software: No
  Customer administrated AntiVirus Signature Files: No
  Tripwire or other: No
  None: No

Integrity Controls on Data
Does the product utilize transparent end-to-end data integrity controls? (memory parity, tcp checksums, etc.) Yes
Does the product enforce application managed data integrity controls like object checksums? No
Does the product support PKI based Digital Signatures to maintain data integrity? No
Does the product enforce required fields during data entry to ensure completeness of records? Yes
Does the product have a data entry validation mechanism such as double keying of patient identifiable data to ensure accuracy of the data entered? No
Does the product store rejected transactions with the reason for the rejection? Yes
Does the product ensure that database updates are done in a fail-safe way? Yes
Is there any Other form of integrity control provided? No

Backup and Recovery
How many patient records does this product store or manage? Unlimited
Identify all the ways that the product protects against disasters/failures:
  Export to removable media: No
  RAID hard drive: Yes
  backup of patient data only (typically to tape): Yes
  backup of full system (typically to tape): Yes
  UPS: Yes
  Offsite mirroring: No
  Near-line storage: No
  Other: No
  None: No
Backup and Recovery procedures are documented? Yes
Can the Integrity and completeness of the backup be verified by the operator through the use of offline means? Yes

Encryption
Is any form of encryption of patient identifiable data supported (not including the service interface)? Yes

De-Identification
Is there a bulk de-identification functionality that the user can use? (not service interface) No

Digital Signatures
Does the product provide for some form of electronic acceptance stamp on Patient Identifiable Data? Yes
Does the product provide for a PKI based digital signature? No
Does the product support DICOM supplement 41 Digital Signature Extensions? No

Service
Is there a method that service can use to access the system in the case of an emergency when normal administration is not possible? Yes
Does the product have at least one login specifically for servicing the equipment? Yes
Does the product restrict service individuals with multiple levels of access control? No
Does the product support multiple individual service accounts? Yes
Are Service accounts restricted from viewing, or manipulating Patient Data? No
Are all accesses to Patient Data by service restricted to de-identified data? No
Are Service actions accounted for in a log file somewhere? Manually
Are passwords that are not changeable used for Operating System administrative accounts? No
Are passwords that are not changeable used for service accounts? No
Are Service default passwords described in details in any form of manual? No
Is the customer allowed to change the service passwords? Yes
Does the product support remote service? Yes
Does the remote service session require authentication to a service user? Yes
Can the customer tell that a remote service session is in progress? Yes
Can the customer, through automatic or manual methods, know which specific service individual is currently remotely logged in? No
Can the customer see what is happening in an active remote service session? Yes
Can the customer stop an active remote service session? Yes
Specify the equivalent encryption strength that a remote service session can operate over? 3DES
Is the product specific GE Remote Service network isolated from the rest of the GE intranet? No
Are access points to the GE service network protected with an ICSA equivalent firewall? No
Are remote sessions ever initiated without a Service call being logged by the customer? No
Appendix C — 21 CFR Part 11 Option

Introduction

The FDA has issued regulations regarding electronic records and electronic signatures called 21 CFR Part 11. The regulations are required for customers who use the MUSE as a system to support clinical trials. This section describes the 21 CFR Part 11 functionality on the MUSE system.
This option, when activated, will disable automatic changes to patient data, require entry of a reason for changes to patient data, and allow you to enable a second option to prompt for a password when patient data is changed.

Electronic Signature

21 CFR Part 11 states that users must be prompted for a password on each site when they are not biometrically authenticated. The 21 CFR Part 11 option is available with MUSE software version 7.x software. When this option is enabled, the Site Information window contains two additional checkboxes.
- Enable 21 CFR Part 11
- Require Password Prompt when saving
1. To enable 21 CFR Part 11, at System > Setup > Sites > Advanced, select the Enable 21 CFR Part 11 checkbox.
2. If biometric authentication is being used for EVERY USER on the site, select the Require Password Prompt when Saving checkbox.
3. If the site has some users who use biometric authentication and some users who do not use biometric authentication, select the 21 CFR Part 11 checkbox and leave Require Password Prompt when Saving unchecked.
When Require Password Prompt when Saving is left unchecked in Site Setup, the individual's user setups will be used by the system when a report is saved.
The following table summarizes how the individual user's Require Password Prompt when Saving option functions.

User Electronic Signature Summary

Site Setup Window                            User Setup Window                            Prompt for Password on each Save?
21 CFR Part 11 [x]                           Require Password Prompt when Saving [x]      Yes, for that user at that site.
Require Password Prompt when Saving [ ]

21 CFR Part 11 [x]                           Require Password Prompt when Saving [ ]      No
Require Password Prompt when Saving [ ]

21 CFR Part 11 [x]                           Require Password Prompt when Saving [x]      Yes, for all users at that site.
Require Password Prompt when Saving [x]      -or-
                                             Require Password Prompt when Saving [ ]

Other/Related Features

In addition to prompting the user for a password when saving a record, enabling the 21 CFR Part 11 option also affects the following features:
Feature: Patient Data Merge
Description: By default the system merges stored patient data (age, gender, race, height, and weight) when a newly acquired or diagnosis complete test is opened in the editor. If the 21 CFR Part 11 option is enabled, the system will not merge that data when an unconfirmed test is opened.

Feature: QTC Calculation
Description: By default, the system recalculates QTC data when it is acquired from the cart. If the 21 CFR Part 11 option is enabled, this data is no longer recalculated upon its acquisition.

Feature: User Name Retrieval
Description: By default, the system assigns user names when it acquires IDs that were entered at the cart. If the 21 CFR Part 11 option is enabled, the system no longer assigns user names to these IDs.

Feature: Electronic Signature Message
Description: The MUSE system will display the 21 CFR Part 11 eSignature Message when the password prompt appears. This message can be modified in System > Setup > Sites > Advanced.

Feature: Reason for Change
Description: The MUSE system will prompt the user for a reason for changes when updating or discarding patient data. The reason can be chosen from a list or, if Other is selected, the user can type a reason.

Feature: Change Log
Description: This feature logs changes to patient data. Enable the Change Log at System > Setup > Sites > Test Type Settings; select the Log Changes checkboxes for each test type. See Chapter 4 "Accounting/Logging" on page 17 for instructions on how to view the Change Log.

Feature: Signature Message in Diagnosis
Description: The MUSE system can be configured to place a signature message in the diagnosis when the test is confirmed. Enable the signature message at System > Setup > Sites > Test Type Settings; select the Signature Message in Diagnosis checkboxes for the desired test types.
GE Medical Systems Information Technologies, Inc.
8200 West Tower Avenue
Milwaukee, WI 53223 USA
Tel: +1 414 355 5000
+1 800 558 7044 (US Only)
Fax: +1 414 355 3790

GE Medical Systems Information Technologies GmbH
Munzinger Straße 5
D-79111 Freiburg Germany
Tel: +49 761 4543-0
Fax: +49 761 4543-233

Asia Headquarters
GE Medical Systems Information Technologies, Inc. Asia; GE (China) Co., Ltd.
No. 1 Huatuo Road
Zhangjiang Hi-tech Park Pudong
Shanghai, People's Republic of China 201203
Tel: +86 21 5257 4650
Fax: +86 21 5208 2008

GE Medical Systems Information Technologies, Inc., a General Electric Company, going to market as GE Healthcare.
www.gehealthcare.com