Study: EMR password not protected by majority of medical staff

Kelly Gooch - Print  | 

A majority of medical staff share their EMR passwords, according to a study published in Health Informatics Research.

For the study, researchers — from Ben-Gurion University of the Negev in Beer-Sheva, Israel, Harvard Medical School in Boston, Duke University in Durham, N.C., Hadassah-Hebrew University Medical Center in Jerusalem, Israel, and the Interdisciplinary Center in Herzliya, Israel — surveyed 299 medical and paramedical staff. The four-question Google Forms-based survey, which was published on Facebook and distributed to healthcare workers, took place between early 2014 and early 2015.

The study found 220 respondents (73.6 percent) have given their EMR password to at least one other staff member.

Out of the 299 respondents, 171 answered the question regarding how many EMR passwords they had been given. The 171 respondents said they have used another staff member's EMR password 4.75 times, on average, according to the study.

Additionally, the study found all 45 resident respondents had obtained the EMR password of another staff member, compared to only 57.5 percent of nurse respondents.

"The use of unique user IDs and passwords to defend the privacy of medical data is a common requirement in medical organizations. Unfortunately, the use of passwords is doomed because medical staff members share their passwords with one another. Strict regulations requiring each staff member to have it's a unique user ID might lead to password sharing and to a decrease in data safety," the study authors concluded.

Read the full study here.

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.