Data protection and password security

Your login details must be kept private. This helps to keep data secure for our patients, service users and staff.

Keeping data secure

You are responsible, when logged in using your credentials, for activities on HSE devices, information systems and applications.

You must:

    • Only use accounts and passwords assigned to you (except for generic and group accounts)
    • Ensure that logins for generic and group accounts are kept confidential and not shared with colleagues or third parties
    • Change your password immediately if you suspect your password is known by others

Don't

    • Do not send your password within email messages, unless the email message is encrypted
    • Do not write down your password on or near your computer or any device connected to a HSE network. In exceptional circumstances where a password has to be written down, it must be stored in a secure place that is not easily accessible to others
    • Do not change default passwords given by suppliers of new devices and systems - this should be done at installation
    • Do not misuse passwords or give a user system privileges above those they're authorised to use

Guidance on creating strong passwords, protecting passwords and how often they must be changed.

Passwords Standards Policy (PDF, 715KB, 13 pages)