The TELUS Collaborative Health Record (CHR) has a number of security settings. Some are controlled by you and apply only to your user account (see User specific security settings). Others are account-wide security settings that apply to all clinic users.

CHR account owners can configure the following account-wide security settings:

If you are not an account owner and you want the above account-wide security settings added or modified, speak to your TELUS Health contact, or reach out to the TELUS Health support team through the in-app support bubble. See Contact us.


1. From the main menu, click Settings > Security > Account.

2. Modify the following security settings:

Security Setting


Trusted IP Address Ranges

Allow only specific IP addresses to access your clinic's CHR domain.
📌 Note: This feature is only suitable for your clinic if all users use static IP addresses to access the CHR. If you turn this on and you try to access the CHR from a dynamic IP address you will not be able to log in.

  1. Click + Add Trusted IP Address Range.
    An Add Trusted IP Address Range window appears.

  2. In the Name field, type any name.

  3. In the IP Address Range field, type your actual IP Address.

  4. Select which user(s) it must apply to.

  5. Click Save.

📌 Note: You can add the IP address to one or all clinic users. If you want to apply the IP Address to a select number of users, you must add it per user.

Once you have added a trusted IP address, anyone trying to access your CHR account that is not on a specified network address will see the below message.

Allow concurrent sessions

By default, this is enabled, which allows users to sign into their CHR accounts on multiple devices simultaneously.

Select Disable to prevent concurrent access to multiple devices.

For example, you start an encounter note in your office on device A and then move into the examination room, using device B. You will return to the encounter note where you left off. All entries made in the office on device A are auto-saved.

Password Compliance - HIPAA Compliant

Select Enable if you want to enforce that all users use high-security passwords to access their CHR accounts, i.e. minimum of 8 alphanumerical characters (letters, numbers, symbols), and at least three of the four categories: uppercase characters (A-Z), lowercase characters (a-z), base 10 digits (0-9), and non-alphabetic characters (for example: !,$,#,%).

📌 Note: Disable is the default setting for all CHR accounts.

Password Compliance - Password Expiry Interval

Select 1 month, 2, 3, 4, 5, or 6 months to set the interval when your clinic users' CHR passwords expire.

All users must create a new password at the defined expiry interval.

📌 Note: The default setting is 3 months.

Password Compliance - Account Lockout

To set an account lockout threshold, select 5, 7, 10, or 15 times.

This means a user can have a certain number of failed sign-in attempts before they are locked out.

📌 Note: The default setting is 5 times.

Additionally, you can set the duration of the lockout period once the user is locked out. Select 15 minutes, 30 minutes, 1 hour, 12 hours, 24 hours, or Lock until an admin unlocks.
The default setting is 1 hour.

📌 Note: If you choose the Lock until an admin unlocks option, the user accounts remain locked until a user with the permission, Edit Other Users unlocks their account. See Unlocking user's CHR accounts.

3. Once you have configured the above settings, click Save Setting.

Updated: September 16, 2021

Did this answer your question?