When a computer auto-remembers a user’s password, there is a potential HIPAA violation.
While a user may enjoy the convenience of the auto-populated password, the user is placing the office into potential HIPAA violation.
When Denticon observes a computer auto-populating a user’s password, it is doing so usually because the computer is setup to auto-fill the username field.
Auto-populating the password allows any person using the computer is able to access patient records via the user’s login. If the person is not a qualified, valid office user, all the office’s patient records are open and exposed for possible privacy violation.
Auto-fill is a great feature to assist the user to quickly populate a field, such as the login username.
Auto-populating a password is not a great feature if the office wishes to remain HIPAA compliant.
To correct the Internet Explorer or Chrome settings on the individual computer:
CHROME
- Click the Chrome “Menu” button in the upper-right corner of the Chrome window, choose “More Tools” > “Clear browsing data…“. Advanced Tab
- To delete everything select All Time or select a specific Date Range.
- Select the “Clear browsing data” button, and Chrome will clear your cache.
Upon a new browser start, the new settings will be in effect:
·Close all open windows
·Re-start a new Chrome browser window
INTERNET EXPLORER
- In Internet Explorer, select the Tools button, point to Security, and then select Delete browsing history.
- Choose the types of data or files you want to remove from your PC, and then select Delete.
For best data security, ensure options are checkmarked:
o Temporary Internet files
o Cookies
o History
o Form data
o Passwords
o InPrivate Filtering data
·Ensure option is not checkmarked: Preserve Favorites website data
·Delete button
Upon a new browser start, the new settings will be in effect:
·Close all open windows
·Re-start a new Internet Explorer browser window