Imprivata OneSign Secure Walk-Away

Unattended desktops put PHI at risk

Care providers work in a hectic environment. At any moment, they may have to drop what they are doing to assist a colleague with another patient or respond to an emergency. When these interruptions cause clinicians to abruptly leave a workstation – especially those workstations located in publicly accessible areas such as nurses’ stations and patient rooms – patients’ protected health information (PHI) can be left exposed and result in a potential HIPAA violation. In busy, shared workstation settings, care providers may not realize that someone else has logged into the desktop since they left it. This can lead to providers charting under the wrong ID or on the wrong patients’ record. Traditional solutions for this problem, including hot-key logoffs and inactivity timers, are problematic:

• Requiring care providers to manually log out is impractical. In an emergency, care providers are not thinking about their computer desktops.
• Automated inactivity timeouts are easily defeated if an unauthorized person accesses the workstation during the timeout countdown
• Requiring care providers to log back in each time they return is time- consuming and frustrating

The bottom line is that unattended PHI creates risks to both HIPAA compliance and patient safety.