To prevent any potential security oversights, all server-side services and resources are locked down by default. Users or other agents must be explicitly granted access to specific services.
In other words, no user, tablet, or EMR is granted access to do anything more than the bare minimum required to do its specific job.
Some examples of these restrictions include:
- no tablet is able access a patient chart without an authorized EMR user specifically granting access to the tablet for that patient’s chart on that day.
- individual users are systematically blocked from accessing data from any other site.
To ensure that these access constraints are always enforced, automatic security access filters are implemented on the server.
This server-side firewall ensures there is no access to a “backdoor” that might be exploited by malicious clients or compromised web browsers.