When Software Security Meets the Real Users

Oh, this text on how medical professionals need to fight bad information systems, especially security policies is a sad read. Some selected quotes:

asking the most junior person on staff to keep pressing the space bar on everyone’s keyboard to prevent timeouts

One clinician mentioned that his dictation system has a 5 minutes timeout that requires a password and that during a 14-hour day, he spends almost 1.5 hours logging in. In other cases, the auto-logout feature exists on some systems but not all of them such that sometimes staff expect to be logged out when they are not

None of this is really surprising to me; any inadequate system seems to have a tendency to create its own shadow workflow that hides problems by working around them.

There’s also a case where a doctor couldn’t find the required medication in the software. He found a custom field with free text where he noted the prescription, but the box was not visible on the other end so the prescription was never given and the patient lost half his stomach.

cohost! - “Paper: You Want My Password or a Dead Patient?”