Document or a policy for who gets access to RALS

Does IT have any guidelines to who can access what types of software when? IT would probably have the "code and password" thought encode within a procedure or process......I would check that first for guidelines....unless it is IT that is asking....

I have a policy on operator management. Recently IT Security requested that I add who can access the middleware so I added this to the policy:

PROCESS:

• I. RALS SYSTEM: GRANTING "POCC" AUTHORITY LEVEL

• 1. Laboratory or Nursing Education Personnel must contact the Point of Care Coordinator (POCC) to request this level of access via email

• 2. The POCC will assess the request and grant access based on the users requirement

• 3. The POCC will create an Operator ID, grant authority level and enter password, following Partner's Password Standards, into the RALS system

• 4. Users will be trained by POCC according to authority level granted

• 5. The POCC will perform a review twice a year of POCC Authority Level users to ensure that they are active hospital employees and still require this level of access to perform their job duties

• 6. The POCC will review the HR Term reports weekly and delete any termed POCC access users

I hope this helps!

Mary Wrenn, MT (ASCP)

Point of Care Coordinator

Newton Wellesley Hospital

2014 Washington Street

Newton, MA 02462

phone:  617-243-5476   fax:  617-243-5627

pager:  617-243-5858 #51249

email: mwrenn@partners.org

Thank you. Appreciate your help.

It's not a question on who should access- it's how we want to write it up.

I just needed some wordsmithing. :-)