
This is entirely a data security issue. Depending on the environment, without a logout this is seriously risking a HIPAA violation. Say you're in the hospital and your doctor pulls up your record on a computer in the hallway after they've done rounds on you to put in their observations and notes. However, just as he's finishing, his pager goes off, he's off to an emergency, and he forgets to log off.

How many minutes are you okay with your medical record being open for inspection by anyone that walks by? Other medical staff, admin staff, janitorial staff, other patients getting steps in, other patients' families?

It's one of many instances where there's a valid reason for the technology to be implemented as such but since doctors usually aren't thinking about the technology or security aspects they just perceive it as annoying.




> It's one of many instances where there's a valid reason for the technology to be implemented as such but since doctors usually aren't thinking about the technology or security aspects they just perceive it as annoying.

No, there is never a good reason to prevent a professional from doing his job. If the user finds it annoying, it is annoying: that's it!

Learn to work for the user rather than against the user, and you'll become a better developer.


That's simply not true. The user is not the only stakeholder. The example I gave opens up the hospital to fines from the government and in the worst-case scenario a massive legal judgement from the patient whose data was breached by a physician leaving his workstation with a patient record opened and it was compromised by a malicious actor.

edit: in any case this is very likely a security configuration by the hospital infosec team, not the developer of the EMR.


The specific example isn't a developer decision. It's a combination of vendor risk management teams, hospital InfoSec/security/compliance, legal teams, laws, and location of computers. Never mind that setting is just as often a workstation GPO to lock the screen and not even the choice of the software.

(Work for a PACS vendor, subject to the same stuff).



