System Access

Since we manage critical systems potentially containing sensitive PHI information on behalf of our clients, we need to ensure that all access to systems adheres to the following rules. If you notice any violation of these, please report it immediately to the Security Officer.

1. Your email ID (or other unique identifiers such as SSH keys) are unique to you and must not be shared with anyone else within or outside the company.

2. You have been given a laptop by the company. Only use this laptop for any work related to the company or accessing its systems. Do not utilize any personal systems to do so without explicit permission from the Security Officer.

3. Passwords must adhere to the following standards - Personal workstation passwords: minimum 8 characters, combination of letters numbers, and special characters, but at a minimum at least one number and at least one special character. Passwords must be changed every 90 days. It is not documented here to minimize risk. No default passwords should be used. Passwords must be encrypted.

4. Ensure your personal workstation is set to log you off and / or lock if you step away from it.

5. Do not use your laptop for any illegal or harmful activities. If you're not sure, don't do it.