The TELUS Collaborative Health Record (CHR) has a number of security settings. Some are controlled by you and apply only to your user account (see User specific security settings). Others are account-wide security settings that apply to all clinic users.
CHR account owners can configure the following account-wide security settings:
If you are not an account owner and you want the above account-wide security settings added or modified, speak to your TELUS Health contact, or reach out to the TELUS Health support team through the in-app support bubble. See Contact us.
1. From the main menu, click Settings > Security > Account.
2. Modify the following security settings:
Trusted IP Address Ranges
If you want to allow only specific IP addresses to access your clinic's CHR domain you can add a trusted IP address range.
Once you have added a trusted IP address range, anyone trying to access your CHR account that is not on a specified network address will see the below message.
Allow concurrent sessions
By default, this is enabled, which allows users to sign into their CHR accounts on multiple devices simultaneously.
Select Disable to prevent concurrent access to multiple devices.
For example, you start an encounter note in your office on device A and then move into the examination room, using device B. You will return to the encounter note where you left off. All entries made in the office on device A are auto-saved.
Password Compliance - HIPAA Compliant
Select Enable if you want to enforce that all users use high-security passwords to access their CHR accounts, i.e. minimum of 8 alphanumerical characters (letters, numbers, symbols), and at least three of the four categories: uppercase characters (A-Z), lowercase characters (a-z), base 10 digits (0-9), and non-alphabetic characters (for example: !,$,#,%).
📌 Note: Disable is the default setting for all CHR accounts.
Password Compliance - Password Expiry Interval
Select 1 month, 2, 3, 4, 5, or 6 months to set the interval when your clinic users' CHR passwords expire.
All users must create a new password at the defined expiry interval.
📌 Note: The default setting is 3 months.
Password Compliance - Account Lockout
To set an account lockout threshold, select 5, 7, 10, or 15 times.
This means a user can have a certain number of failed sign-in attempts before they are locked out.
📌 Note: The default setting is 5 times.
Additionally, you can set the duration of the lockout period once the user is locked out. Select 15 minutes, 30 minutes, 1 hour, 12 hours, 24 hours, or Lock until an admin unlocks.
📌 Note: If you choose the Lock until an admin unlocks option, the user accounts remain locked until a user with the permission, Edit Other Users unlocks their account. See Unlocking user's CHR accounts.
3. Once you have configured the above settings, click Save Setting.
Updated: September 16, 2021