Health and Wellness Blogs

Tips for Protecting Your Data

Written by Wellsource, Inc. | May 15, 2015 11:20:06 PM

The Roman poet Juvenal asked the question, "Quis custodiet ipsos custodes?" It means, "Who will guard the guardians?" This is a very good question, especially when it comes to protecting the information in your participants' accounts. Careful consideration of your data security needs will go a long way to protect your data and the administrators who work with it.

Administrators have access to a variety of personal information about participants in their database – demographics, biometric/clinical data, security data, and assessment results. It is essential that administrators be accountable for the work they do in the database. Participants rely on the integrity and ability of administrators to protect their privacy every day.

Here are some basic principles to keep in mind when granting administrative access to the database through the WellSuite® Portal:

  • An administrator should only have access to match their need. The various levels available in the Participant>Permissions tab provide a means by which access can be limited to a single subgroup or VEU, or limited in the type of information that can be seen. Select the level carefully.
  • Every administrator must have their own login credentials. Administrators should never share credentials. They must be personally identifiable. Wellsource systems log certain activities based on the login credentials so that errors and data issues can be traced. Having multiple administrators using the same credentials makes tracking issues more difficult.
  • Administrators should change their User Name and Password any time a higher-level administrator changes their password on their behalf. This protects administrators from knowing anyone else's credentials. Make sure you select the option to force password change at the next login, on the Subgroup Settings tab.
  • Every administrator should change their password on a regular basis. This improves the security of the account immensely. Avoid easily-guessed or commonly used passwords. (Did you know that the two most commonly used passwords among English speakers are "password" and "1234"?)

These are simple, but effective precautions for protecting your participants' privacy. Who guards the guardians? You do.