The following are the best practices to safeguard computer workstations:
- Establish controls to ensure that PHI is accessible to those with access privileges
- Exit any databases holding PHI before leaving workstations unattended
- Do not disclose or release anything used to authenticate authority, create access, or change PHI, including but not limited to any password, badge, personal identification number, access card, or electronic signature.
- Observe the guidance provided by the information technology department while installing security fixes and updating passwords
- Put in place a system for retrieving any lost electronic PHI
- Keep a precise record of where each workstation containing PHI is located