The Board of Supervisors Tuesday unanimously approved funding for a database that will track the delivery of health care and other services across county departments, allowing social workers, doctors and psychiatrists to share information.
The first phase of the new database will link the departments of Children and Family Services, Mental Health and Health Services.
The system will enable a doctor or mental health worker to determine whether someone they’re treating has received services from other county agencies by allowing the sharing of medical records to the extent allowed by law.
That’s key, said Supervisor Sheila Kuehl, because “the same people, the same families come and seek our help from so many different departments.”
Infrastructure for sharing information across additional departments will also be developed as part of the county’s effort to centralize data tracking of everything from “restaurant ratings to crime statistics,” said Supervisor Mark Ridley-Thomas, who said he expected the work would save hundreds of millions of dollars.
Ridley-Thomas also called for enhanced security, citing data breaches in the Probation and Public Health departments.
Audits found that terminated employees’ accounts were not deactivated, allowing hundreds of ex-workers continued access to sensitive information. Both departments also failed to track electronic equipment, so that desktops, laptops and other devices with sensitive information were misplaced or unaccounted for.
“Information technology is a critical component of good government,” Ridley-Thomas said. “We need to up our game.”
A 2014 break-in at the office of a health services provider led to the theft of computers with unencrypted data on more than 330,000 patients.
Beginning last year, county staffers began encrypting data, and county Chief Information Officer Richard Sanchez told the board that nearly 100 percent of desktop data is now protected.
Sanchez hailed the new integrated database as a ” watershed moment for the county.” He said the client identity-management technology is something the county had been wanting since the 1980s. But only now is a reliable, commercial product available, the CIO said.
At Ridley-Thomas’s recommendation, the board directed staffers to report back in 60 days on the feasibility of conducting security reviews in every department and asked that departments with identified breaches report back every 90 days on steps taken to correct vulnerabilities.
Additionally, staffers were directed to report back in 90 days with a broad, policy-based discussion of the county’s information technology systems and their integration.
— City News Service