Satu Password, Banyak Tangan: Saat Admin Puskesmas Gak Punya Privasi Sendiri (Manajemen Akses Longgar)

🔀 Read in English 🇬🇧

Selamat Datang di Hajriah Fajar: Hidup Sehat & Cerdas di Era Digital

Satu Password, Banyak Tangan: Saat Admin Puskesmas Gak Punya Privasi Sendiri

Ada satu komputer di pojok ruangan. Layarnya udah agak kuning, keyboard-nya bunyinya cetak-cetek kayak mesin ketik. Tapi bukan itu yang bikin geli. Di sticky note pinggir monitornya, tertulis besar-besar: admin123.

Semua orang tahu. Semua. Dari petugas imunisasi, bagian loket, sampai cleaning service. Bukan karena mereka jahat, tapi karena sistemnya memang begitu. Mau akses data pasien? Ya login pakai akun itu. Shift pagi, shift siang, bahkan pas malam jaga, semua pakai login yang sama.

Lucunya, semua orang tahu password-nya, tapi nggak ada yang berani ganti. Takut error. Takut nggak bisa buka SIMRS. Takut dimarahin atasan. Jadi ya sudah. Sistem berjalan. Data pasien diakses berkali-kali. Tanpa jejak.

Ini bukan cerita karangan. Ini realita yang terjadi di banyak fasilitas kesehatan. Apalagi di daerah. Admin IT-nya satu, nakesnya banyak, dan sistemnya… ya seadanya.

Login Kolektif, Risiko Kolektif

Di atas kertas, sistem manajemen akses itu ideal: setiap orang punya akun sendiri, dengan izin berbeda tergantung jabatan. Tapi di lapangan? Teorinya langsung tumbang. Alasannya sederhana: repot. Ribet. Nambah akun katanya bikin berat. Ada juga yang bilang, "Kan kita sama-sama kerja untuk pasien, kenapa harus dibatasi?"

Padahal batasan itu bukan untuk mempersulit, tapi untuk melindungi. Bukan cuma data pasien, tapi juga tenaga kesehatan itu sendiri. Bayangin kalau ada penyalahgunaan data, siapa yang bertanggung jawab? Kalau semua pakai satu akun, siapa yang bisa dilacak?

Entah kenapa, privasi dan keamanan sering dianggap barang mewah di dunia layanan publik. Padahal justru karena ini layanan publik, harusnya kita ekstra hati-hati.

Cerita Klasik: Akses Tanpa Jejak

Saya pernah ngobrol sama seorang perawat di klinik 24 jam. Namanya disamarkan, kita sebut aja Mbak Reni. Dia cerita, suatu hari ada pasien protes karena data diagnosanya tiba-tiba berubah. Padahal dia nggak pernah balik lagi ke klinik itu.

Ternyata, salah satu staf malam iseng-iseng masukin data palsu buat "latihan ngetik" karena lagi sepi pasien. Akses pakai akun admin umum. Nggak ada yang tahu siapa yang masukin. Pas ditanya atasan? Semua saling tunjuk.

Kejadian kayak gini bukan soal sistem jelek. Tapi soal budaya. Budaya kerja yang nganggep data digital itu kayak kertas fotokopi: gampang dibuka, dibuang, ditukar.

Kenapa Ini Harus Diubah?

Karena data medis itu bukan cuma angka. Itu cerita hidup seseorang. Diagnosis, riwayat trauma, konsumsi obat, penyakit turunan. Bayangin kalau data itu jatuh ke tangan yang salah. Atau dimodifikasi diam-diam. Efeknya bisa lebih fatal dari sekadar typo.

Dan lebih jauh lagi, kalau kepercayaan masyarakat ke sistem digital runtuh, semua inisiatif digitalisasi bakal sia-sia. Termasuk SATUSEHAT.

Gimana Dong Solusinya?

Nggak harus langsung beli sistem mahal. Mulai aja dari membiasakan akun personal. Sosialisasikan pentingnya jejak akses. Bikin log sederhana yang mencatat siapa akses apa, kapan. Kalau perlu, bikin shift login—setiap petugas dikasih kode sendiri.

Dan satu hal yang paling penting: berhenti nganggep keamanan itu hal ribet. Keamanan bukan penghambat kerja, tapi jaring pengaman. Kayak helm pas naik motor. Emang agak berat, tapi nyelametin kepala.

Penutup yang Nggak Bener-Bener Nutup

Kadang saya mikir, gimana bisa kita bicara transformasi digital kalau cara kita login masih zaman warung fotokopi? Tapi ya gitu. Perubahan kadang datang bukan dari kebijakan, tapi dari satu orang yang bilang, "Eh, jangan login pakai akun itu terus, dong."

Mungkin perubahan itu dimulai dari kamu.

Welcome to Hajriah Fajar: Living Smart & Healthy in the Digital Age

One Password, Too Many Hands: When Health Staff Lose Their Own Digital Privacy

There’s a dusty old computer in the corner. The monitor’s a bit yellow, the keyboard sounds like a typewriter. But that’s not the funny part. Taped to the side is a sticky note, proudly displaying: admin123.

Everyone knows it. Seriously. The vaccination officer, the receptionist, even the cleaning staff. Not because they’re reckless, but because the system was made that way. Want to access patient data? Just log in with that one account. Morning shift, night shift, emergencies — same credentials.

The absurd part? Everyone knows the password, but no one dares to change it. Scared it’ll break the system. Scared the SIMRS won’t load. Scared they’ll get blamed. So it stays. And the data? Open to anyone. No trace.

This isn’t fiction. This is the daily reality in many clinics and health centers, especially in underserved regions. One IT guy, dozens of staff, and a system duct-taped together with good intentions and shared logins.

Shared Access = Shared Risk

On paper, access management sounds perfect: each user gets a personal account with limited permissions. But in the real world? That dream collapses fast. It’s “too much hassle,” they say. “Slows things down.” Some even ask, “Aren’t we all working for the same patient? Why separate us?”

But here’s the thing — those separations exist to protect everyone. Not just the patient, but the staff too. Imagine if someone tampers with a medical record. Who’s responsible? If the whole department logs in as ‘admin,’ who do you blame?

Privacy and security are often seen as luxuries in public service settings. Ironically, those are the exact places where we need them the most.

An Old Tale: Access Without Accountability

I once talked to a night-shift nurse at a 24/7 clinic. Let’s call her Reni. She told me about a patient who came back angry because their diagnosis suddenly changed. But the patient hadn’t returned in weeks.

Turned out, a bored night staffer had been "practicing data entry" using real records. Same ‘admin’ login. No one knew who did it. When questioned, everyone pointed fingers.

This wasn’t a failure of technology. It was a failure of culture — a culture that treats digital data like scratch paper. Editable. Recyclable. Disposable.

Why This Has to Change

Medical data isn’t just numbers. It’s someone’s life story. Diagnoses. Medication history. Genetic risks. Imagine if that falls into the wrong hands. Or gets silently altered. The damage could outlast the patient’s lifetime.

And beyond that — if people lose trust in digital systems, it ruins every effort made toward digital transformation. Yes, including SATUSEHAT.

So What Can We Do?

We don’t need expensive solutions. Just start with culture. Encourage individual logins. Create basic access logs — who did what, when. If you must, use rotating login codes per shift. Anything that introduces accountability.

And more importantly, stop thinking of security as a barrier. It’s not a hassle. It’s a helmet. Annoying, yes. But it saves lives.

Not Quite a Conclusion

Sometimes I wonder, how do we talk about digital transformation when our login system still belongs in a photocopy shop? But hey — maybe change doesn’t start with a policy. Maybe it starts when one admin finally says, “Hey, stop using that same password all the time.”

Maybe that admin is you.