Grand River: Respond to this Survey
General Questions
    The system contains, proccesses or transmits PHI The system is accessible via the Internet The system is accessed by a Third Party (e.g. for maintenance, support, other) The system is accessible from public locations such as kiosks Mobile devices are used to directly access the system What is the longest amount of time your department can continue operations if application is not available?
EMR Galactica 
Allscripts Practice Management 
Allscripts E.H.R 
MUSE 
PACS 
Summit Interface Engine 
Meditech 
Netfax 
SSI 
Payer Path 
Melyx 
Quantum 
Mxsecure  
Turbo Doc 
Digital Hand Held Dictation 
Dictaphone 
Dictaphone Dragon 
Nihon Kohden 
InstaMed 
Pyxis 
ER Database 
Diver 
MicroMedics 
CareMedic 
Night Hawk 
Mayo Lab 
Kronos 
Outlook 
Point of Sales system 
Blackberry Server 
WebMD/Emdeon 
CareLearning 
CraneWare 
BeepWest Digital Pager 
UptoDate 
MSDS Data Sheets 
Encana MSDS Data Sheets 
RX Natural Database 
NCME TV 
On Call Database 
Phone List 
Interpreters Service 
ACU Bed Roster 
Garfield Directory 
Forms Folder 
Policy & Procedures 
RX Formulary 
Medical Staff 
Provider References 
E-Disaster 
Cafeteria Menu 
Employee Bulletin 
Employee Benefits 
GRHD Job Posting 
CHA Directory 
Recycling 
Rehab Exercise 
Intaglio Chart system 

 

Does your department have documented procedures to be performed to capture data in the event that the application is not available?

What is the longest amount of time your department can continue operations if the Internet is not available?

What is the longest amount of time your department can continue operations if the internal network is not available?

Reputation / Customer Confidence
  All N/A Disclosure Modification Interruption Loss

 

 

Criteria for Evaluating Risk Impacts

Impact Area

High

Medium

Low

Reputation / customer confidence

·         Reputation irrevocably destroyed or damaged

·         Loss of rating or accreditation by review organizations

·         More than 30 percent drop in customers due to loss of confidence

·         Reputation damaged; some effort and expense required to recover

·         Reduction or warning of reduction of rating or accreditation by authorizing organizations

·         Drop in customers of 10 to 30 percent due to loss of confidence

·         Public violations of Privacy Act: (1) disclosure to personnel within the medical treatment facility without the need to know; (2) anyone who violates the Privacy Act and reveals sensitive medical information

·         Patient driven to seek care from another source

·         Reputation minimally affected; little or no effort or expense required to recover

·         No change in rating or accreditation by authorizing organizations

·         Less than 10 percent drop in customers due to loss of confidence

·         Nonpublic violation of Privacy Act (disclosure to personnel within the medical treatment facility with a need to know - trusted agent)
EMR Galactica 
Allscripts Practice Management 
Allscripts E.H.R 
MUSE 
PACS 
Summit Interface Engine 
Meditech 
Netfax 
SSI 
Payer Path 
Melyx 
Quantum 
Mxsecure  
Turbo Doc 
Digital Hand Held Dictation 
Dictaphone 
Dictaphone Dragon 
Nihon Kohden 
InstaMed 
Pyxis 
ER Database 
Diver 
MicroMedics 
CareMedic 
Night Hawk 
Mayo Lab 
Kronos 
Outlook 
Point of Sales system 
Blackberry Server 
WebMD/Emdeon 
CareLearning 
CraneWare 
BeepWest Digital Pager 
UptoDate 
MSDS Data Sheets 
Encana MSDS Data Sheets 
RX Natural Database 
NCME TV 
On Call Database 
Phone List 
Interpreters Service 
ACU Bed Roster 
Garfield Directory 
Forms Folder 
Policy & Procedures 
RX Formulary 
Medical Staff 
Provider References 
E-Disaster 
Cafeteria Menu 
Employee Bulletin 
Employee Benefits 
GRHD Job Posting 
CHA Directory 
Recycling 
Rehab Exercise 
Intaglio Chart system 
Life / Health of Customers
  All N/A Disclosure Modification Interruption Loss

 

 

Criteria for Evaluating Risk Impacts

Impact Area

High

Medium

Low

Life/health of customers

Loss of customer life

Permanent impairment of one or more significant aspects of customer's health (e.g., loss of use of one or more limbs, blindness, brain damage)

Inability to provide patient care for more than a week

Safety violated

Customer life threatened but recoverable with additional treatment

Temporary or recoverable impairment of customer's health (e.g., recovering use of limbs through physical therapy)

Inability to provide patient care for one to two days

Safety affected

No loss or significant threat to customer life

Minimal, immediately treatable degradation in customer health with recovery within four days

Continuity of care requiring increased communication between providers at different facilities

Safety questioned
EMR Galactica 
Allscripts Practice Management 
Allscripts E.H.R 
MUSE 
PACS 
Summit Interface Engine 
Meditech 
Netfax 
SSI 
Payer Path 
Melyx 
Quantum 
Mxsecure  
Turbo Doc 
Digital Hand Held Dictation 
Dictaphone 
Dictaphone Dragon 
Nihon Kohden 
InstaMed 
Pyxis 
ER Database 
Diver 
MicroMedics 
CareMedic 
Night Hawk 
Mayo Lab 
Kronos 
Outlook 
Point of Sales system 
Blackberry Server 
WebMD/Emdeon 
CareLearning 
CraneWare