|eRehabData® Web Security
eRehabData® delivers its services over the Internet. The following features protect sensitive information and ensure compliance with HIPAA requirements for shielding protected health information (PHI).
User Accounts & Passwords
Only active users with valid passwords may access eRehabData. You cannot access eRehabData without entering a username and password. A password must be at least eight characters long. It must include uppercase and lowercase letters, at least two numbers, and at least one special character. Your hospital may require you to change your password periodically. You can help enforce security by protecting your password. Do not tell anyone else your password. Do not write it down. Change it frequently.
Your eRehabData account gives you access to the areas of the website needed to perform your job or role. You may not have access to all areas or all functionality in eRehabData. Administrators at your hospital customize your access to the website.
Unauthorized entry, misuse of another person's password to access any part of eRehabData, or misuse of the website (for fraudulent, malicious, and/or deceptive purposes) may constitute crimes or torts under state or federal law. Unauthorized access may be viewed, monitored, and recorded. Any information obtained may be given to law enforcement in connection with any investigation or prosecution of possible criminal activity. Any such violations will be pursued and prosecuted to the fullest extent permitted by law.
In order to ensure the privacy of data, all traffic between eRehabData servers
and your web browser is protected using the encryption protocol TLS 1.2.
Encryption converts data into a non-readable form during transmission
between your computer and eRehabData servers.
Also, SSL certificates exchanged between your web browser and eRehabData servers
establish secure communication between two points. The first time you
access eRehabData, you may be asked to approve receipt of the eRehabData SSL certificate.
The certificate includes digital signatures that validate the identity
of the sender, as well as guarantee data integrity and encryption, preventing
anyone from intercepting and decoding the data while en route.