[Jun 28, 2008 8:06] Email phishing scam targeting WebMail users has been reported. More Information
The systems below are maintained and supported by the Health System, including risk management and HIPAA compliance, as of the publication of this document. The applications listed below are the major systems supported by the Health System, but the list is not exhaustive.
If you have questions regarding the risk management or disaster recovery procedures related to a Health System-supported system on which your department depends or if you have a critical system that you want to place under Health System support, call the Computing Services Help Desk (924-5334) for contact information on individual services.
The chart below lists systems with broad use and official medical record status. The most current version of this list is maintained in Health System policy 0218 (Definition, Characteristics, and Maintenance of the Medical Record), available here. Departments responsible for systems identified in this chart must substitute the RiskWatch assessment tool administered by HS/CS for the ITS-RM question sets. For additional information on the RiskWatch tool, contact Jay Early.
| System | Responsible Party |
| CAOS (Heart Center Labs) | Heart Center Computing |
| CAS | Health System Computing |
| Co-path | Pathology |
| Eclipsys/MIS | Health System Computing |
| IDX Physician Billing, Charge capture (TES) | Health System Computing |
| LanVision document imaging | Health Information Services (HIS) and Health System Computing |
| ORMIS System | OR Services |
| PACS – Dicom Imaging | Health System Computing and Radiology |
| Radiology Information System (RIMS) | Radiology |
| SMS Registration, Patient Billing | Health System Computing |
| SMS Resource Scheduling | Health System Computing |
| SoftMed | HIS and Health System Computing |
| Sunquest (labs) | Pathology |
| Tracks | Health System Computing |
In addition, Health System Computing is responsible for the following central systems:
- File Servers (e.g., O:, Q:, Z: drive)
- Microsoft SMS (update management service)
- Network Systems (Agency 209), including Secure Clinical Subnet (SCSN)
- Outlook e-mail and calendaring
- PeopleSoft
- Windows Web Services
See also the HSCS software support policy, which places applications into four categories of support: full, partial, unsupported, and unauthorized.
Note that your department may have chosen to provide alternatives to some of the above central services on a local basis, e.g., file servers.
All systems should have downtime plans and restoration/recovery plans in the event of a system failure. Each system and service has a different return to service timeframe based on its criticality and the severity of the problem. (If you have a contract for a specific service with HSCS, a customized return to service time may be specified.) HSCS regularly performs an IT security risk management process on its own resources, in order to protect its assets and prepare for disaster recovery.