Break Glass

From Clinfowiki
Revision as of 16:02, 6 November 2014 by Arun Rajan (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

In healthcare, Break Glass refers to a procedure to enable emergency access to electronic protected health information (ePHI). It derives from the concept of the breaking the glass to trigger an alarm in the event of fire in a building or other emergency events (e.g. in public transport vehicles).

In emergent circumstances, access to information may be needed for treatment. To avoid disruptions in patient care in these emergencies, Break Glass offers a mechanism for system access which is otherwise secured by user authentication and authorization protocols. For example, in the absence of a practitioner (due to death, disability or time away) it may be necessary for other individuals (including practitioners or administrators) to access health information for patient care management. Other situations may include legitimate access issues (account problems – forgotten password; user authentication or authorization failures etc.).

The Break Glass solution includes usernames/passwords (for one-time use) that permit system access in emergent circumstances but the key requirement of HIPAA is that policies for a clear audit trail be established in place to track ePHI access. Typically, a Break Glass warning alert screen is presented to the user and inappropriate use (e.g. illegal review of a celebrity’s ePHI) is monitored.

Retrieved from "https://www.clinfowiki.org/wiki/index.php?title=Break_Glass&oldid=18392"