Your customer database is the single most valuable asset in your practice. Keeping it secure can, and often is, the difference between success and failure. NOAH 3 provides a secure environment for your data with a system of controls to allow you to 'keep an eye on the prize.'
Database Permissions:
Database systems control what types of activities can be performed, and by whom, using a concept called 'permissions.' A common example of this is a cashier in a grocery store, who can ring up items, but needs a manager's approval code for actions such as refunds, price changes or out of town check acceptance. The cashier has lower level of permission than does the manager.
Figure 1 - Default user levels for NOAH System 3
NOAH 3 provides a security structure based on three different levels of permission. The user with unlimited permission is called the Administrator. The administrator is allowed to manage user accounts, install modules and import and export the database. User levels 1 and 2 have variable levels of permission and can be customized by the administrator. The default permissions for Level 1 and Level 2 users are shown in Figure 1.
Let's look at three specific situations where NOAH System 3's User Levels are helpful in safe guarding your database.
Multi-Provider Clinics:
Large audiology clinics in hospitals or multi-office chains have several critical data security issues. The first is a need for consistency. By limiting the number of people with access to functions like Set number of most recent clients and installing modules, the workstation setup can be the same from clinic to clinic. This allows providers and clients to rotate between locations without having to re-learn the individual set-up at each facility.
The other critical issue in medical settings is careful documentation of all patient activity. A new feature of NOAH System 3 is the ability to delete actions and sessions. While this is a handy option in a small, owner-managed practice, in a medical setting this same activity might be interpreted as altering the medical record. If only the department chair had the ability to delete client actions, the possibility of this alteration is reduced significantly.
University Training Programs:
While we all want graduate students to have a well-rounded and complete clinical experience, we have to be realistic. Just like any clinic, university speech and hearing centers are indeed businesses. In order to provide services to the community (and therefore clinical experience to the students), systems and program functionality must remain 'up and running.' Assigning students NOAH user accounts is a good way to track time spent with clients, but these NOAH users should be assigned very restricted User Levels so they cannot accidentally alter the system setup, delete clients, or install non-certified modules. Faculty supervisors can be assigned higher level access (Level 1) and the Clinic Director can have Administrator Rights.
Private Practice:
Your client database represents the value of your business. Keeping it secure is critical to remaining competitive. To prevent the unauthorized removal of client records from your database; simply un-check Import/Export and User Administration from one of your User Levels.
Should you have any concerns about an employee's access to the database, just edit their user profile and assign them a more restricted User Level. This can also be helpful when dealing with short-term graduate students, clinical fellows, or probationary staff.
Guarding the Front Door:
NOAH System 3 also provides a way to control and document unauthorized access attempts. By enabling the Login system (shown in the figure to the left), you as the administrator force each NOAH user to enter a user name and password before they are granted access to the database. If people mis-type one or the other, they will be given a number of 'second chances.' A permanent record of all logins can be created.
Figure 2 - NOAH System 3's Logon Administration screen
It is generally recommended that users change their passwords periodically. Some institutions may even require this. Using the Password Expiration section of the Logon Administration tab, the administrator defines these rules which include password expiration, forcing new users to change their 'starter' password upon the first successful logon, and enabling a reminder screen telling users how many days they have to change their password (figure 3).
Figure 3 - NOAH System 3 displays this message to remind users to change their password.
Just in case:
Even though you have security measures enabled in your software, use common sense! Keep an eye on your employees and their computer habits. While NOAH System 3's security features are quite sophisticated, they are no substitute for common sense. And please, don't forget to back-up your database regularly. NOAH 3 provides a database backup utility, but several other options exist.
Who and What is HIMSA?
The Hearing Instrument Manufacturers' Software Association (HIMSA) was founded at the beginning of 1993 with the objective of developing, marketing and supporting NOAH - one standard for integrated hearing care software. The heart of NOAH is its 'integration framework,' supported by over 75 hearing care companies worldwide. This framework allows hearing instrument fitting, audiological measurement and office management systems to share a common database.
HIMSA is a privately owned company, but it operates much like a consortium - all suppliers within the hearing care industry who provide NOAH-compatible products have a significant say in the running of HIMSA and in how the standard evolves.
Today, over 75 companies support the NOAH software standard. Nearly half of these companies are hearing instrument manufacturers, representing a market share of approximately 90 percent. These manufacturers have either released NOAH-compatible software or will do so in the near future.
HIMSA's single largest market is served by its U.S. subsidiary in Minneapolis, USA. Over 9700 copies of the NOAH software have been sold in the U.S. as of January 2001, and over 70 percent of hearing health care professionals in the U.S. are NOAH users. NOAH is also available in localized versions for the following markets: Australia, Denmark, France, Finland, Germany, Holland, Israel, Italy, Japan, New Zealand, Norway, Spain, Sweden, Switzerland, the UK and the USA. As of January 1, 2001, total sales of NOAH amounted to over 16,000 units worldwide.
NOAH is sold and supported by HIMSA member companies. A complete list of member companies with web links can be found at: www.himsa.com/himsa/Organization/body_himsaorg.html
NOAH Compatibility means Cooperation:
HIMSA has developed a comprehensive certification system, which ensures that all NOAH-compatible products will operate properly within the NOAH system. You can be sure that if a product bears the NOAH certification seal, it will also offer hassle-free operation.
The newest version of NOAH is called NOAH System 3. It represents years of collaboration between HIMSA developers, member companies and end-users to deliver over one hundred improvements and new features. Some of these features include the ability to:
- Minimize, maximize, resize, and move NOAH windows.
- Display multiple NOAH windows - for example an audiogram module and a fitting module side-by-side.
- Display the complete list of clients stored in the NOAH database and search through client information based on anything from date of birth to hearing instrument type.
- Display client session information in three 'tree-structure' views for more efficient handling of session data.
- Record hearing evaluation results with NOAH 3's robust audiogram module, NOAHaud.
- Import and export client data more easily.
Some of these features will be addressed in future articles for Audiology Online (www.audiologyonline.com).
Look for a future article on Audiology Online about choosing a backup device that suits your particular needs.
