Click here for PDF version

Just like alarm codes are used to prevent home invasions and protect personal possessions, computer passwords are used to prevent unauthorized individuals from accessing protected health information (PHI) stored in applications, databases, and on electronic devices and protect patient privacy.

However, it is one thing to just have passwords, but it is another thing to have a strong password management system.  The system's success depends on us doing the right thing.

Specifically, we all must...

1.  Never disclose our passwords to co-workers.

2.  Never display our passwords in public places (e.g. taped to computer monitors, stored under keyboards).

3.  Make our passwords 8 characters or longer.

4.  Change passwords at regular intervals.

5.  Create passwords with 3 out of the 4 categories (upper/lower case letters, numbers, special characters).

6.  Encrypt passwords stored in electronic devices (laptops, PDAs).

7.  Not include passwords in any automated log-on process (e.g. stored in a macro or function key)

If you share your password with someone and that individual then uses your password to commit a privacy/security violation (e.g. unauthorized access to PHI), then you are ultimately held responsible.

You will be subject to disciplinary action for any violation that occurs with your UserID and password - up to and including termination.

Avoid a mess... protect your password!!!