Terms of Use


  • I have been instructed to promptly report all incidents of noncompliance with HIPAA Security Regulations policies and procedures to management, security, and privacy officers.
  • I have been informed that I will be sanctioned and/or disciplined for noncompliance or violations of HIPAA Security Regulations policies and procedures.
  • I have been instructed to promptly log and report all security incidents to management, security, and privacy officers.
  • I have been given the guidelines for proper use and protection of passwords.
  • I have been informed that I must comply with the “Emory University Code of Conduct” or the “EHC Confidentiality Statement” as it relates to the appropriate use of electronic personal health information (ePHI).
  • I have been instructed within the last 12 months not to share passwords with other users and not to write down their passwords or otherwise expose their password in an insecure manner.
  • I have been instructed within the last 12 months to report any suspected compromise or use of their user identifier and password by other individuals to their appropriate security officer.
  • If you are NOT using an Emory owned client system to access the LabKey, you have been instructed on the obligations to meet the following requirements before accessing the LabKey:
    • The non-Emory system must have anti-virus software installed and the software and virus signature files must be kept up-to-date.
    • The non-Emory system and all applications on the system must be kept up-to-date with the most recent security updates and patches.
    • The non-Emory system must run personal firewall software at all times and the firewall must be configured to block all unsolicited inbound connections. This requirement is not necessary for vendor owned systems that are always connected to the vendor network as long as the vendor network is protected by a firewall and has implemented strong security measures.
    • ePHI must not be stored on non-Emory systems without explicit written permission from the user’s appropriate director/dean/chair/vice president or equivalent.
    • Users must not disclose any Emory passwords to anyone, including family members.
    • If you are accessing the LabKey via a wireless client, does your access meets all of the following requirements:
      • Protected by a host based firewall.
      • Utilize anti-virus software that is up to date and has current anti-virus signatures.
      • Kept up to date with the latest operating system and application security patches.
      • Not connected to both wireless and wired Emory networks simultaneously.
      • Configured so they will not automatically connect to ad-hoc or unsecured wireless networks.

Please click below to continue...