Presentation is loading. Please wait.

Presentation is loading. Please wait.

Scott Van Heest IT Specialist, Data Analysis and Support Team, NPCR, CDC Denise Farmer CDC/NPCR Contractor Division of Cancer Prevention and Control National.

Published byJocelyn Sims Modified over 8 years ago

Similar presentations

Presentation on theme: "Scott Van Heest IT Specialist, Data Analysis and Support Team, NPCR, CDC Denise Farmer CDC/NPCR Contractor Division of Cancer Prevention and Control National."— Presentation transcript:

1 Scott Van Heest IT Specialist, Data Analysis and Support Team, NPCR, CDC Denise Farmer CDC/NPCR Contractor Division of Cancer Prevention and Control National Center for Chronic Disease Prevention and Health Promotion NAACCR 2010 Annual Conference Quebec City, Canada June 24, 2010 ABSTRACT PLUS VERSION 3: Security Standards Upheld

2 Background  NPCR program standards require registries to have data security procedures in place to ensure cancer registry data are available only to those who need to use it for legitimate purposes  Controlling access to data helps ensure patient privacy and data confidentiality  Abstract Plus version 3, has improved software features to uphold security standards

3 Abstract Plus Purpose  Summarize the medical record into an electronic report of cancer diagnosis and treatment by abstractors and other individuals or groups who work with cancer data  Conduct casefinding, reabstracting (blind or un- blinded), and recoding audits of reporting facilities and central registry coding staff  CDC provides support and consultation to state central registries for their state-specific customization and distribution of the Registry Plus software

4 Abstract Plus Functions  Used to abstract, code, and audit cancer cases using standard data items and codes  Supports abstraction and auditing of all data items in national standard data sets, including all text fields and state-specific data items  Entered abstracts are validated by customizable edits, allowing for interactive error correction while abstracting  Customized by central registries for distribution to and use by hospitals and other reporting sources  Also used for special projects and start-up registries

5 Security Features  Options to configure security policies  Form-based authentication, and Challenge Questions for individual users  User passwords stored and encrypted using a one-way hash method  Microsoft Access encrypted databases  Microsoft SQL Server database option  Role-based access

6 Results: Application Preferences  Security Policies  Security Challenge Questions  Password Expiration, Re-use, and Password Expression (restrictions) options  Database options

7 Security Policies Options for challenge question setup and use Options for password expiration, re-use and password restrictions

8 Security Questions  Security Challenge Questions can be added or removed from current list of questions Add or remove challenge questions to be presented to the user

9 Password Expression Test custom password restrictions  Customized password restrictions can be set via regular expression, or the default expression can be used Use default Edit

10 Database Options SQL Server options

11 MS Access Encrypted Databases  Password protected access outside application  User passwords encrypted in database  Common database access needs met through menu selections  Support available for database customization

12 MS SQL Server Database Option  Requires SQL Server database management for abstract database  Allows multi-user abstract database access, with record locking  Requires database connection string for setup  SQL Server offers inherent security features  Login same as MS Access option  Database option included in title bar

13 Role-based Access  Facility Abstractors (login access):  Add, edit, delete, print, and export abstracts  Auditors (additional password required) – perform all Facility Abstractor functions, plus:  Perform casefinding, reabstracting, and recoding audits  Administrators (additional password required) - perform all Facility Abstractor and Auditor functions, plus:  Set application preferences  Manage abstracting and auditing display types, and set up audit databases  Manage user accounts and passwords  Maintain Administrator/Auditor passwords

14 Form-based Authentication  Login requires valid username and password  First-time access to application requires setup of user account  Initial login requires setup of user’s password with challenge security questions  Forgotten password can be reset by user with valid answers to challenge questions  Password can be managed by user or administrator  User allowed to change password (must know old password)

15 Creating User Account on Initial Access  Enter User Name, User ID, and Initials  Click Add  Click Close User ID User NameUser ID

16 Initial Log In  Enter User ID form new user account  Enter default, initial access password (Welcome1)  Update default password to new secure, user-specified password User ID Welcome1 Enter and confirm new password

17 Define User’s Security Questions  Prompted to select and answer required number of questions  Each selected question must be different  Verification of answers used to reset forgotten password Select questions and answers

18 Routine Log In  User ID and Password required  Password is case sensitive  Click Forgot Password to reset password using security questions to verify user  Click Change Password to change existing, known password Password User ID

19 Conclusions Abstract Plus version 3:  Provides user-friendly, flexible options for meeting changing security standards  Preserves the confidentiality, integrity, and availability of cancer registry data

20 For more information please contact Centers for Disease Control and Prevention 1600 Clifton Road NE, Atlanta, GA 30333 Telephone, 1-800-CDC-INFO (232-4636)/TTY: 1-888-232-6348 E-mail: cdcinfo@cdc.gov Web: www.cdc.gov Thank You! Denise Farmer, dfarmer@cdc.govdfarmer@cdc.gov Joe Rogers, jrogers@cdc.govjrogers@cdc.gov Sherrie Stein, sstein@cdc.govsstein@cdc.gov Kathleen K. Thoburn, kthoburn@cdc.govkthoburn@cdc.gov National Center for Chronic Disease Prevention and Health Promotion Division of Cancer Prevention and Control The findings and conclusions in this report are those of the authors and do not necessarily represent the official position of the Centers for Disease Control and Prevention.

Download ppt "Scott Van Heest IT Specialist, Data Analysis and Support Team, NPCR, CDC Denise Farmer CDC/NPCR Contractor Division of Cancer Prevention and Control National."

Similar presentations

Instructions and Reporting Requirements Module 5 Electronic Reporting For Facilities March 2014 North Carolina Central Cancer Registry State Center for.

Instructions and Reporting Requirements Module 5 Electronic Reporting For Facilities March 2014 North Carolina Central Cancer Registry State Center for.
GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.

GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.
Web Plus Overview Division of Cancer Prevention and Control National Center for Chronic Disease Prevention and Health Promotion CDC Registry Plus Training.

Web Plus Overview Division of Cancer Prevention and Control National Center for Chronic Disease Prevention and Health Promotion CDC Registry Plus Training.
Your NEW Social Services Verification Tool

Your NEW Social Services Verification Tool
Username1 ********* To Sign In, enter your pre-assigned Key Customer User Name and Password in the appropriate fields and click ‘Sign In’. Welcome to the.

Username1 ********* To Sign In, enter your pre-assigned Key Customer User Name and Password in the appropriate fields and click ‘Sign In’. Welcome to the.
Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.

Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.
Web Pricing User Manual https://www.commissaries.com/webpricing.

Web Pricing User Manual
Procurement Card Training Strategic Account Management (SAM)

Procurement Card Training Strategic Account Management (SAM)
Constructing a Data Management System National Center for Immunization & Respiratory Diseases Influenza Division Regional Training Workshop on Influenza.

Constructing a Data Management System National Center for Immunization & Respiratory Diseases Influenza Division Regional Training Workshop on Influenza.
Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.

Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.
IHE Structured Data Capture (SDC) for use in Cancer Registries

IHE Structured Data Capture (SDC) for use in Cancer Registries
Individual User Logins

Individual User Logins
Database Structure Basics National Center for Immunization & Respiratory Diseases Influenza Division Pam Kennedy Analyst, McKing Consulting Regional Training.

Database Structure Basics National Center for Immunization & Respiratory Diseases Influenza Division Pam Kennedy Analyst, McKing Consulting Regional Training.
Presentation Title Presenter(s) Centers for Disease Control and Prevention AIDS 2012 - Turning the Tide Together.

Presentation Title Presenter(s) Centers for Disease Control and Prevention AIDS Turning the Tide Together.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Denise Luther Senior IT Consultant Practical Technology Enablement with Enterprise Integrator.

Denise Luther Senior IT Consultant Practical Technology Enablement with Enterprise Integrator.
Harold H. Collins Information Technology Specialist Epi Info™ Language Translation Process Korean Public Health Surveillance Conference 1 April 2011 Epi.

Harold H. Collins Information Technology Specialist Epi Info™ Language Translation Process Korean Public Health Surveillance Conference 1 April 2011 Epi.
Abstract Plus Abstract Plus Overview for Pacific Regional Central Cancer Registry Honolulu, Hawaii March 7, 2009 Software for Abstracting and Coding Cancer.

Abstract Plus Abstract Plus Overview for Pacific Regional Central Cancer Registry Honolulu, Hawaii March 7, 2009 Software for Abstracting and Coding Cancer.
Harold H. Collins Information Technology Specialist Epi Info™ Language Translation Process Korean Public Health Surveillance Conference 1 April 2011 Epi.

Harold H. Collins Information Technology Specialist Epi Info™ Language Translation Process Korean Public Health Surveillance Conference 1 April 2011 Epi.
Harold H. Collins Information Technology Specialist Epi Info™ Background Korean Public Health Surveillance Conference 30 March 2011 Epi Info™ Background.

Harold H. Collins Information Technology Specialist Epi Info™ Background Korean Public Health Surveillance Conference 30 March 2011 Epi Info™ Background.

Similar presentations

Ads by Google