In This Section

Security Information


Service Delivery items:

  • Security Training, Education, and Workshops (workgroup, lab group or Enterprise group)
  • HIPAA Compliance
  • FISMA Compliance
  • Security Risk Assessment
  • Security Contract requirements review
  • Strategic Initiatives
  • PCI Scans/Vulnerability Management/ Hardening Advisement
  • Regulation Assessments
  • Application Security Assessments
  • Policy & Procedures
  • Integration with Research Offices

Information Security Tips:

  • Do not send confidential information on unsecure networks such as email, instant messages, or text messages.
  • Use Sharefile for a more secure way to share sensitive information.
  • Our secure e-mail solution provides a method for CHOP e-mail users to send sensitive information to recipients outside the organization in a secure and confidential manner.
  • Use [SEND SECURE] in the subject line of an email message in order to create an encrypted message for all recipients outside the Hospital e-mail system.


  • Must be at least 10 characters long
  • Must not be dictionary words.
  • Must include three (3) out of the four (4) options:
  • One uppercase letter
  • One lowercase letter
  • One number
  • One special character
  • Must be changed at least every 180 days
  • Must have a minimum age of 1 day
  • Must not be the same as the last 4 passwords
  • Must be transmitted and stored securely encrypted
  • Accounts must lock out for a set time period after 10 failed logon attempts. Screen lockout time is 20 minutes when system is idle.

Use portable devices with care:

  • Do not put any unknown flash (or USB) drive into your computer as you could infect your company network with malware.
  • Do not open files that are not familiar from portable devices. 
  • Encrypt all data on laptops, flash drives, and other portable CHOP devices.
  • Eliminate PHI and PII:

Purge all sensitive data (SSNs, credit card information, patient information, etc.) from your computer unless authorized to store locally.
Work Space Protection:

  • Log off or Lock systems when you leave them unattended.
  • Do not use another person’s account, identity, or password.
  • Do not connect unauthorized hardware to the CHOP network.
  • Report Lost or Stolen CHOP device immediately to the IS Service Desk- 215-590-4357 or (Ext. 4-HELP)
  • Don’t be tricked into downloading malicious software:

Stop and think before you open attachments or click links in unusual e-mail, text, or instant messages (IM), on social networks, or in random pop-up windows. If you’re unsure if a message is legitimate contact the IS Service Desk.