Reminder: The legacy One Portal is available until 9/23. Visit the new One Portal

Computers

Workstation Security

Though the security of our information largely depends upon measures such as (1) passwords, (2) unique user ids, and (3) audit logs and protective software, workstation security also plays an important role in the protection of electronic protected health information (ePHI). There is the possibility that an unauthorized individual will accidentally or deliberately view ePHI. To prevent accidental or unauthorized viewing or access to ePHI, it is important to remember to:

  1. Keep computer monitors tilted away from public areas and doors; pay attention to "shoulder surfing" ( someone standing behind you or in a position where they can view information on your computer screen) or "piggy backing"(someone following behind you when going through a cardkey entry or other restricted area). Use privacy screens on monitors located in places viewable to the public.
  2. Lock your computer when you walk away from your workstation. To lock a workstation press: Ctrl+Alt+Delete and select “Lock Workstation” or press the Windows Key+L together.
  3. Keep laptops, PDAs and other portable devices locked and secure when not in use.
  4. Never save ePHI on portable devices or computer local hard drive unless the devices are fully encrypted by technology approved by LLUH Information Services.
  5. Practice common-sense security. Make certain that doors and desks are locked when no one is present.
    • Do not leave applications open on your computer when you are not using them.
    • Do not be afraid to ask unauthorized persons to take a step back from a workstation where ePHI could be viewed.
  6. When working from outside of your facility or office, apply the same precautions to protect information.

Password Management

Choosing a strong password is a key measure in securing our ePHI. A strong password should include:

  • A password that is difficult to guess. It should not include your first or last name.
  • At least 12 characters long, comprised of at least one letter, and one number, one special character, one upper case letter.

Passwords should not be specifically related to something personal, (e.g. birth date, ATM code, pet or grandchild's name).

Users should never share passwords with others, including managers or co-workers, as the user will be accountable for anything that happens as a result.

Passwords should be changed regularly. A good rule of thumb is to change passwords every 30-60 days, but should not exceed 90 days.

Choose a new password every time you change it. Do not simply alternate between 2 or 3 variations.

Previous | TOC | Next

notification_important One Portal Maintenance
We’re cleaning up One Portal and removing outdated content to improve your experience. For more info or help, contact us.

We’re Stronger Together

We're building the future of clinical care and education to better serve our community.

Learn How