AudiologyOnline Phone: 800-753-2160


Neosensory research in The International Tinnitus Journal - image of product and logo

Protecting Your Database With NOAH 3 User Levels

Protecting Your Database With NOAH 3 User Levels
Brad Ingrao, AuD, MS, CCC-A, FAAA
August 13, 2001
Share:
Database Security:

Your customer database is the single most valuable asset in your practice. Keeping it secure can, and often is, the difference between success and failure. NOAH 3 provides a secure environment for your data with a system of controls to allow you to 'keep an eye on the prize.'

Database Permissions:

Database systems control what types of activities can be performed, and by whom, using a concept called 'permissions.' A common example of this is a cashier in a grocery store, who can ring up items, but needs a manager's approval code for actions such as refunds, price changes or out of town check acceptance. The cashier has lower level of permission than does the manager.


Figure 1 - Default user levels for NOAH System 3

NOAH 3 provides a security structure based on three different levels of permission. The user with unlimited permission is called the Administrator. The administrator is allowed to manage user accounts, install modules and import and export the database. User levels 1 and 2 have variable levels of permission and can be customized by the administrator. The default permissions for Level 1 and Level 2 users are shown in Figure 1.

Let's look at three specific situations where NOAH System 3's User Levels are helpful in safe guarding your database.


Multi-Provider Clinics:

Large audiology clinics in hospitals or multi-office chains have several critical data security issues. The first is a need for consistency. By limiting the number of people with access to functions like Set number of most recent clients and installing modules, the workstation setup can be the same from clinic to clinic. This allows providers and clients to rotate between locations without having to re-learn the individual set-up at each facility.

The other critical issue in medical settings is careful documentation of all patient activity. A new feature of NOAH System 3 is the ability to delete actions and sessions. While this is a handy option in a small, owner-managed practice, in a medical setting this same activity might be interpreted as altering the medical record. If only the department chair had the ability to delete client actions, the possibility of this alteration is reduced significantly.

University Training Programs:

While we all want graduate students to have a well-rounded and complete clinical experience, we have to be realistic. Just like any clinic, university speech and hearing centers are indeed businesses. In order to provide services to the community (and therefore clinical experience to the students), systems and program functionality must remain 'up and running.' Assigning students NOAH user accounts is a good way to track time spent with clients, but these NOAH users should be assigned very restricted User Levels so they cannot accidentally alter the system setup, delete clients, or install non-certified modules. Faculty supervisors can be assigned higher level access (Level 1) and the Clinic Director can have Administrator Rights.

Private Practice:

Your client database represents the value of your business. Keeping it secure is critical to remaining competitive. To prevent the unauthorized removal of client records from your database; simply un-check Import/Export and User Administration from one of your User Levels.

Should you have any concerns about an employee's access to the database, just edit their user profile and assign them a more restricted User Level. This can also be helpful when dealing with short-term graduate students, clinical fellows, or probationary staff.

Guarding the Front Door:

NOAH System 3 also provides a way to control and document unauthorized access attempts. By enabling the Login system (shown in the figure to the left), you as the administrator force each NOAH user to enter a user name and password before they are granted access to the database. If people mis-type one or the other, they will be given a number of 'second chances.' A permanent record of all logins can be created.


Figure 2 - NOAH System 3's Logon Administration screen

It is generally recommended that users change their passwords periodically. Some institutions may even require this. Using the Password Expiration section of the Logon Administration tab, the administrator defines these rules which include password expiration, forcing new users to change their 'starter' password upon the first successful logon, and enabling a reminder screen telling users how many days they have to change their password (figure 3).


Figure 3 - NOAH System 3 displays this message to remind users to change their password.

Just in case:

Even though you have security measures enabled in your software, use common sense! Keep an eye on your employees and their computer habits. While NOAH System 3's security features are quite sophisticated, they are no substitute for common sense. And please, don't forget to back-up your database regularly. NOAH 3 provides a database backup utility, but several other options exist.

Who and What is HIMSA?

The Hearing Instrument Manufacturers' Software Association (HIMSA) was founded at the beginning of 1993 with the objective of developing, marketing and supporting NOAH - one standard for integrated hearing care software. The heart of NOAH is its 'integration framework,' supported by over 75 hearing care companies worldwide. This framework allows hearing instrument fitting, audiological measurement and office management systems to share a common database.

HIMSA is a privately owned company, but it operates much like a consortium - all suppliers within the hearing care industry who provide NOAH-compatible products have a significant say in the running of HIMSA and in how the standard evolves.

Today, over 75 companies support the NOAH software standard. Nearly half of these companies are hearing instrument manufacturers, representing a market share of approximately 90 percent. These manufacturers have either released NOAH-compatible software or will do so in the near future.

HIMSA's single largest market is served by its U.S. subsidiary in Minneapolis, USA. Over 9700 copies of the NOAH software have been sold in the U.S. as of January 2001, and over 70 percent of hearing health care professionals in the U.S. are NOAH users. NOAH is also available in localized versions for the following markets: Australia, Denmark, France, Finland, Germany, Holland, Israel, Italy, Japan, New Zealand, Norway, Spain, Sweden, Switzerland, the UK and the USA. As of January 1, 2001, total sales of NOAH amounted to over 16,000 units worldwide.

NOAH is sold and supported by HIMSA member companies. A complete list of member companies with web links can be found at: www.himsa.com/himsa/Organization/body_himsaorg.html

NOAH Compatibility means Cooperation:

HIMSA has developed a comprehensive certification system, which ensures that all NOAH-compatible products will operate properly within the NOAH system. You can be sure that if a product bears the NOAH certification seal, it will also offer hassle-free operation.

The newest version of NOAH is called NOAH System 3. It represents years of collaboration between HIMSA developers, member companies and end-users to deliver over one hundred improvements and new features. Some of these features include the ability to:
  • Minimize, maximize, resize, and move NOAH windows.

  • Display multiple NOAH windows - for example an audiogram module and a fitting module side-by-side.

  • Display the complete list of clients stored in the NOAH database and search through client information based on anything from date of birth to hearing instrument type.

  • Display client session information in three 'tree-structure' views for more efficient handling of session data.

  • Record hearing evaluation results with NOAH 3's robust audiogram module, NOAHaud.

  • Import and export client data more easily.

Some of these features will be addressed in future articles for Audiology Online (www.audiologyonline.com).

Look for a future article on Audiology Online about choosing a backup device that suits your particular needs.
CareCredit Better Hearing - October 2024

Brad Ingrao, AuD, MS, CCC-A, FAAA

Editor, Electronic Deaf Education Network

Brad Ingrao, M.S.Ed., has a long history of responding to the needs of consumers, parents and colleagues through his participation on over a dozen hearing loss-related listservs and a pro-bono website for parents. As the Coordinator of Audiology Information Services of the Hearing Instrument Manufacturers' Software Association, he addresses quality and accessibility issues in software used for fitting hearing aids.  He authored a multimedia software tutorial for the hearing aid industry that was one of the first such tools to include closed captioning.  Brad serves on the Advisory Board for AudiologyOnline.com, HealthyHearing.com, raisingdeafkids.org  and is a member of the Board of Directors of the Greater Boston Chapter of SHHH.  He is also an adjunct
lecturer in audiology, and part time clinical supervisor at Northeastern University.



Related Courses

Understanding Privilege, for Healthcare Professionals
Presented by Esther Clervaud, EdS
Recorded Webinar
Course: #36096Level: Intermediate1 Hour
Systems of privilege have created a wide division of inequality. This course will help hearing care professionals identify their privilege and determine how to make a difference in their places of employment.

Creating Leadership in Audiology Through a Mentoring Circle
Presented by Natalie Phillips, AuD
Recorded Webinar
Course: #37632Level: Introductory1 Hour
There are so many components to quality patient care that it is challenging to “master” them all. What if you could come together with other professionals who possess knowledge or experience that could help you or your practice? There are a number of veteran audiologists as well as rising professionals who have wisdom, qualifications, narratives, and unique journeys to share. The purpose of this talk is to rethink the traditional mentor/mentee vertical relationship and explore collaboration in the form of circle…where all professionals, regardless of age or experience, learn from each other.

Using Patient-Reported Outcome Measures (PROMs) to Improve Patient-Clinician Communication and Enhance Treatment Efficacy
Presented by Carren Stika, PhD
Recorded Webinar
Course: #35841Level: Introductory1 Hour
Due to the recent increased focus on providing patient-centered healthcare, use of patient-reported outcome measures (PROMs) have become an essential component of assessing whether the services provided improved patients’ health and sense of well-being. This course will discuss the role of PROMs in healthcare and how using these measures in clinical practice can enhance treatment efficacy, improve patient-clinician communication, and assist clinicians in providing better person-centered care.

Learn to Earn the Salary You Deserve: Negotiating Like a Boss
Presented by Natalie Phillips, AuD
Recorded Webinar
Course: #32770Level: Introductory1 Hour
The ability to negotiate your income displays immediate knowledge and confidence in your skillset and worth. In this course, we will examine a revenue and pay justification method to put into place as audiology business owners, employers, and employees.

Core Topics for Audiology Assistants
Presented by James W. Hall III, PhD, Kathleen Weissberg, OTD, OTR/L, Amit Gosalia, AuD
Recorded Webinar
Course: #37123Level: Introductory3 Hours
This course includes one hour of content on each of the following topics: 1) ethical concepts and decision-making; 2) universal safety precautions, including the Occupational Safety & Health Administration's (OSHA) bloodborne pathogens standard, and 3) patient confidentiality and the Health Insurance Portability & Accountability Act (HIPAA).

Our site uses cookies to improve your experience. By using our site, you agree to our Privacy Policy.