The TELUS Collaborative Health Record (CHR) has a number of security settings that can be configured at your account level, and that apply to all users in your account.

To configure these settings, you must be an account owner for your CHR domain. If you are not an account owner and want to modify these settings, please contact the TELUS Health support team (see Contact us).

CHR account owners can configure the following account-wide security settings:

  • Adding trusted IP address ranges to access your clinic's CHR domain

  • Allowing users to log into their account from multiple devices concurrently

  • Enforcing users to use HIPAA-compliant passwords

  • Modifying the password expiry interval for all users

  • Choosing an account lockout threshold and duration of lockout for all users

Each user can also control some of their personal security settings that apply only to their user account (see Modifying your personal security settings).

Steps

1. From the main menu, click Settings > Security > Account.

2. Modify the following security settings:

Setting

Description

Trusted IP Address Ranges

Allows only specific IP addresses to access your clinic's CHR domain.
📌 Note: This feature is suitable for your clinic only if all users use static IP addresses to access the CHR. If you enable this and you try to access the CHR from a dynamic IP address, you will not be able to log in.

  1. Click + Add Trusted IP Address Range. The Add Trusted IP Address Range window appears.

  2. In the Name field, type any name.

  3. In the IP Address Range field, type the actual IP Address.

  4. Select which user(s) it must apply to.

  5. Click Save.

📌 Note: You can add the IP address to one or all clinic users. If you want to apply the IP address to only a subset of users, you must manually add it for each user.

Once you added, anyone trying to access your CHR account and who is not on a specified network address will encounter the error "You're currently in an unauthorized network."

Allow concurrent sessions

By default, this is enabled, which allows users to sign into their CHR accounts on multiple devices simultaneously. For example, you start an encounter note in your office on device A and then move into the examination room, using device B. You will return to the encounter note where you left off. All entries made in the office on device A are auto-saved.

Select Disable to prevent concurrent access to multiple devices.

Password Compliance - HIPAA Compliant

This setting is disabled by default. Enable it to enforce that all users use high-security passwords to access their CHR accounts that contain both these requirements:

  • Minimum of 8 alphanumerical characters (letters, numbers, symbols)

  • At least three of the four categories: uppercase characters (A-Z), lowercase characters (a-z), base 10 digits (0-9), and non-alphabetic characters (such as !,$,#,%)

Password Compliance - Password Expiry Interval

Select the montly interval when users' CHR passwords will expire. At the expiry interval, users must create a new password.

The default setting is 3 months.

Password Compliance - Account Lockout

Select the threshold for failed login attempts before a user is locked out. The default setting is 5 times.

Additionally, you can set the duration of the lockout period once the user is locked out. The default is 1 hour.

📌 Note: If you choose the Lock until an admin unlocks option, the user accounts remain locked until an administrator unlocks them (see Unlocking user accounts).

3. When you are done, click Save Setting.

Updated March 20, 2022

Did this answer your question?