Comments on: News 7/15/09 http://histalk2.com/2009/07/14/news-71509/ Healthcare IT News and Opinion Thu, 18 Mar 2010 16:21:54 -0500 http://wordpress.org/?v=2.8.4 hourly 1 By: BlueDogSpirit http://histalk2.com/2009/07/14/news-71509/comment-page-1/#comment-4789 BlueDogSpirit Wed, 15 Jul 2009 20:37:49 +0000 http://histalk2.com/?p=2384#comment-4789 The letter to ONC from HIMSS ERVA should be of no surprise to anyone. HIMSS is employing another tactic to get HIMSS’ message out. Has anybody noticed that since HIStalk tallied and posted the following polls: “Do you think CCHIT is free of any influence from HIMSS? and ” Should Mark Leavitt and Steve Lieber resign their positions with CCHIT?”, that H. Stephen Lieber and Mark Leavitt seemed to have disappeared from the HIT community? Lieber is no doubt still working behind the scene, reviewing and tweaking the letter that was sent to ONC. Lieber is still the “Wizard of Oz” pulling all the strings for his puppets behind the tax-payer curtain. Next will be letters from the B.O.D. of AHMIA and NAHIT. The letter to ONC from HIMSS ERVA should be of no surprise to anyone. HIMSS is employing another tactic to get HIMSS’ message out. Has anybody noticed that since HIStalk tallied and posted the following polls: “Do you think CCHIT is free of any influence from HIMSS? and ” Should Mark Leavitt and Steve Lieber resign their positions with CCHIT?”, that H. Stephen Lieber and Mark Leavitt seemed to have disappeared from the HIT community? Lieber is no doubt still working behind the scene, reviewing and tweaking the letter that was sent to ONC. Lieber is still the “Wizard of Oz” pulling all the strings for his puppets behind the tax-payer curtain. Next will be letters from the B.O.D. of AHMIA and NAHIT.

]]> By: Arkay http://histalk2.com/2009/07/14/news-71509/comment-page-1/#comment-4788 Arkay Wed, 15 Jul 2009 20:16:10 +0000 http://histalk2.com/?p=2384#comment-4788 Re: strong passwords: I have tried to find out the justification for changing a password every x number of days and the closest I can find is that the practice started in when cracking was the biggest threat to mainframe access. DOD calculated how long a password of traditional length would take to be cracked. This became a best practice defined by auditors ???. Personally I would prefer a password that is defined as strong and would inactivate if say three attempts were made to guess at it. The required changing of passwords has probably lead to more unsafe security practices than the old never changing process. Re: strong passwords:

I have tried to find out the justification for changing a password every x number of days and the closest I can find is that the practice started in when cracking was the biggest threat to mainframe access. DOD calculated how long a password of traditional length would take to be cracked. This became a best practice defined by auditors ???. Personally I would prefer a password that is defined as strong and would inactivate if say three attempts were made to guess at it. The required changing of passwords has probably lead to more unsafe security practices than the old never changing process.

]]> By: Arkay http://histalk2.com/2009/07/14/news-71509/comment-page-1/#comment-4787 Arkay Wed, 15 Jul 2009 20:03:08 +0000 http://histalk2.com/?p=2384#comment-4787 To Bob in Accounting: I don't see any humor in what this physician did and hope they throw the book at him. To Bob in Accounting:
I don’t see any humor in what this physician did and hope they throw the book at him.

]]> By: p_anon http://histalk2.com/2009/07/14/news-71509/comment-page-1/#comment-4784 p_anon Wed, 15 Jul 2009 17:01:31 +0000 http://histalk2.com/?p=2384#comment-4784 SAML never made sense to me, despite several introductions like the one above, until I was able to hear a concrete use for it: 1. User authenticates against a web service using their Windows credentials. 2. Trust relationship exists between Windows (Active Directory) and SAP, and we are able to map Windows users to SAP users reliably. 3. So, assuming the user successfully authenticates in Windows, they are trusted by the SAP system to be the corresponding user in SAP. This SSO-type functionality isn't a new concept, but what IS new is that SAML is a WS-* standard and (at least ideally) will make it easier to set up these kinds of trust relationships. Ideally. SAML never made sense to me, despite several introductions like the one above, until I was able to hear a concrete use for it:

1. User authenticates against a web service using their Windows credentials.
2. Trust relationship exists between Windows (Active Directory) and SAP, and we are able to map Windows users to SAP users reliably.
3. So, assuming the user successfully authenticates in Windows, they are trusted by the SAP system to be the corresponding user in SAP.

This SSO-type functionality isn’t a new concept, but what IS new is that SAML is a WS-* standard and (at least ideally) will make it easier to set up these kinds of trust relationships. Ideally.

]]> By: CDiff http://histalk2.com/2009/07/14/news-71509/comment-page-1/#comment-4783 CDiff Wed, 15 Jul 2009 16:58:14 +0000 http://histalk2.com/?p=2384#comment-4783 RE: Observer,GoSox, and BMC, while the former substandard facilities for the IT department sound truly offensive, I have to say that at my safetynet hospitals the IT team has always had nice workspaces, a ton of hardware, some of it sitting idle, and break areas with mini kitchens. Meanwhile, the clinical areas are in 60s - 70s units with associated bathrooms (hot water? in your dreams), some with call light systems for which parts are no longer available, marginal air quality, and an absolute minimum of basic office/computer hardware. We have not lost sight of our Mission but somewhere along the way the spending/capital priorities took a curve that, if we survive, will take a decade or so to balance out. Extravagance and Envy are deadly sins, so working for perfect contrition along the path. In the meantime, let's dance indeed! RE: Observer,GoSox, and BMC, while the former substandard facilities for the IT department sound truly offensive, I have to say that at my safetynet hospitals the IT team has always had nice workspaces, a ton of hardware, some of it sitting idle, and break areas with mini kitchens. Meanwhile, the clinical areas are in 60s – 70s units with associated bathrooms (hot water? in your dreams), some with call light systems for which parts are no longer available, marginal air quality, and an absolute minimum of basic office/computer hardware. We have not lost sight of our Mission but somewhere along the way the spending/capital priorities took a curve that, if we survive, will take a decade or so to balance out. Extravagance and Envy are deadly sins, so working for perfect contrition along the path. In the meantime, let’s dance indeed!

]]>