Awareness : Security Awareness Tips

Do Not Abuse your Information System Privileges

University of Miami workforce members must be mindful of their responsibilities when given access to University information systems. Such access is a privilege and should only be used for legitimate, job-related activity.

Using such access to look up family members, friends, celebrities and other employees without a genuine, job-related need is an abuse of such privilege and may subject the individual to sanctions, up to and including termination. In particular, the HIPAA federal law protects the privacy and security of patients’ health data. University of Miami medical school employees sign HIPAA confidentiality statements and are governed by both University HIPAA policies as well as University information system policies. These policies apply to ALL workforce members regardless of tenure or rank.

In this regard, employees must guard their authentication credentials such as username and password. Do not share your password with any other workforce member. You do not wish to be held accountable for actions committed by another workforce member using your username and password. If you suspect your password has been compromised, please change it immediately.

Never leave your workstation unattended for any extended period of time, especially when displaying/accessing sensitive information. Before leaving, lock your workstation and/or close the relevant application (Windows users can use and select “Lock computer”).

Use a password-protected screensaver which activates after a suitable time (15 minutes or less) in case you are unintentionally away for longer than expected.

Relevant University policies include Computer Access and Confidentiality and HIPAA – Minimum Necessary (Medical Campus login required).

Posted August 17, 2006