Automatically locking PC

Posted on 2005-04-21
Last Modified: 2012-05-05
I am trying to comply with requirements for HIPA in a dental practice.
The inspectors want to insure that when the dentist walks away from the PC that it is locked where no one can see the data.  They recommend that we use a timed screensaver (3-5 minutes) with password protection.  This does get the job done somewhat, however it is a royal pain for the dentist.  What happens is that he gets gloved up and begins working on the patient, the screen saver comes on, then when he needs to view the patients x-rays, he now has to touch the keyboard (which is not sterile) to unlock the screensaver, causing him to reglove.

What I would like to do is have a security device (ie; smartcard, proximity device or some type of usb security device) that the dentist inserts or wears to unlock the screensaver or perhaps turn on video or monitor and when removed will turn on the screen saver or lock the video.  This way as long as the dentist is there with his security device plugged in he can work but when he leaves and takes his device the data is not accessible.  We do not want to have to touch the keyboard (no PIN). A proximity device would be best.   Different users all need to be able to access the same computers. Any ideas?
Question by:rdowell
    LVL 9

    Expert Comment

    Where is this computer located?  Is locking the screen the only option that you have.  I don't know of any proximity devices that will allow you to do this.   Other may know of some.  To comply with HIPAA in the Nursing Homes that I and the Network Admin for I lock users sessions though the OS, not a screen saver.  However, we don't have the issue of staff using the computer and not wanting to re-glove.   Plus I have put machines in locations where only staff can see or use them.  There are also devices that you can put on monitors that only allow the screen to be viewed from directly in front of it.  
    LVL 4

    Expert Comment

    There are plastic covers for computer keyboards that allow you to type through them. Can that not be sterilized or perhaps you can find a make that can be? If you search for "plastic keyboard cover" or "sterile plastic keyboard cover" (without the quotes) you'll see what I mean.

    also see
    LVL 27

    Accepted Solution

    I guess you are looking for this:

    How does "PC Access" (Link-IT)    work?

    In simple terms, "PC Access" is a combined hardware & software solution. The software application works in conjunction with reliable and well proven Link-IT hardware - which consists of a miniaturised Hi Tech RF (Radio Frequency) based reader which plugs into your computer, and "Authorised User" transmitter Tags which typically are carried or worn by users like an ID badge.

    Once the software is loaded on to the PC or Laptop, the computer will only operate once an Authorised User Tag is within reader range (typically 3-4 metres). The system also significantly enhances privacy in respect of work in progress, etc. (e.g as soon as a user moves away from the PC, a screen saver instantly obsures any confidential report, etc. being worked on, thus offering instant protection against prying eyes).

    The lightweight Active Tag (typically worn on a belt clip, neck chain, etc. like a badge) transmits a unique identification code every second (or more if necessary). The Reader (plugged into your computer) then reports the presence of all compatible Tags to the computer.

    LVL 27

    Expert Comment

    Here is another solution:

    The simplest method of breaking into a computer or network is to walk up to a computer where the previous user has not logged off !

    XYLOC is a patented wireless 2 piece security device that ensures when you are NOT at your workstation - IT'S LOCKED !!

    Using unique RF technology developed over the last 5 years, you can now provide instant Proximty based Data Protection for your busiest employees desktop and laptops and ensure that the applications and critical data they have open on these devices are secured when the user moves or gets called away from the device.

    Example : Joe is a busy doctor in a hospital casualty A&E . Using a front desk shared Desktop PC, he accesses patient records for diagnosis on a patient he is attending to when his pager suddenly goes calling him urgently to attend another emergency. Without thinking he rushes away to attend to the call, leaving the patient record open on the desktop for all to see. Joe is just doing his job. In reality he should have logged out of the application, and logged of the machine before moving away.

    Using XYLOC the PC knows when Joe is close to the machine, who he is and that he is authorised to use the device. Using XYLOC, Joe could have simply walked away from the machine and at a preset proximity range the PC would have detected that Joe has left the machine and instantly locks the device and the open application from prying eyes. When Joe returns to the device his XYLOC id card is automatically detected and Joe is instantly logged back into the device (no long waits as windows loads his profile, no screensavers etc), his application is open at the place he left it and Joe can work on it immediatley. Whenever Joe moves out of range of the PC, Joe's Application and the PC's locked and secured by XYLOC and is safe.

    LVL 1

    Expert Comment

    I have a suggestion, as I also just finished securing my network for HIPAA compliance.  I assume the pc is located in your exam room.  In that case, I have a few suggestions:

    1.  Increase the system lock timeout, i.e. screensaver, to 45 minutes.  This should adequately cover the time you spend on each patient without locking mid-procedure.  Meanwhile, if you step out, you're covered as the system will lock.
    2.  Move the pc to a location not within view of the exam chair.  
    3. Place a glare reflector/privacy sheild on the monitor.  Therefore, the monitor's information can only be displayed if sitting directly in front of it.  A 17" LCD privacy cover is about 175.00.. (i think)  
    4.  I'm sure you've conducted a risk assessment, note the precautions you've made and you're aware, however the risk is low, etc.  

    Just a few suggestions...

    Good Luck
    LVL 12

    Expert Comment

    I don't get it.
    Why not just instruct em to press ctrl+alt+del and hit space when they leave?
    LVL 27

    Expert Comment

    @ kneH: ...What happens is that he gets gloved up and begins working on the patient, the screen saver comes on, then when he needs to view the patients x-rays, he now has to touch the keyboard (which is not sterile) to unlock the screensaver, causing him to reglove....

    LVL 2

    Assisted Solution

    I researched a similar solution for a school project and I liked the following product:

    For what you'd need, you would get the pcProx and pcSonar to logon with a proximity card and pin for two factor authentication and the pcSonar allows you to set a radius that the proximity card can go before it auto logs off.

    For this solution there is no software to install- seems like it's a nice little inexpensive, easy solution.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now