Primary Care – Password Policy

Purpose of this policy

This policy is intended to establish guidelines for effectively creating, maintaining, and protecting passwords at Clarity Informatics Limited.

This policy applies to all users.

Password Creation

  1. All user and admin passwords must be at least 8 characters in length. Of these 8 characters, 4 must be unique.
  2. Passwords are case sensitive.
  3. Longer passwords and passphrases are strongly encouraged. The maximum password length is 100 characters.
  4. Passwords must be completely unique, and not used for any other system, application, or personal account.
  5. Your password cannot be the same as your email address.
  6. Passwords will be checked against the National Cyber Security Centre’s list of breached passwords. Any passwords that appear on that list cannot be used.

    More information on how to set strong passwords can be found on the NCSC website [LINK – Three random words – NCSC.GOV.UK]

Password Protection

  1. Passwords must not be shared with anyone and must not be revealed or sent electronically.
  2. Your password should not be written down or physically stored anywhere.

Password Change

Passwords should be changed only when there is reason to believe a password has been compromised.

Security questions and answers

You can select from a predefined list or select your own question. The answer should be unique to you and not shared with anyone.

  1. Answers are not case sensitive.
  2. Cannot be the same as the question.
  3. Must not be the same as your email address.
  4. Must contain between 2 and 100 characters.

About us

Clarity Informatics Limited is a provider of knowledge, software, and services in the healthcare sector. We are registered in England and Wales under company number: 04133376. Our registered office is at Unit 18 Jessops Riverside, 800 Brightside Lane, Sheffield, England.

Under Data Protection Legislation, we are the “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under the Data Protection Legislation to notify you of the information contained in this policy.

We have appointed a Data Protection Officer. Our Data Protection Officer is responsible for assisting with enquiries in relation to this policy or your treatment of personal data. Should you wish to contact our Data Protection Officer, you can do so using the contact details below.

How we may collect your personal information

We may collect and process information that you provide by filling in forms on our website. This includes information provided at the time of registering to use our site or subscribing to any of our services (“Registration Data”), and material contributed through any interactive service (“User Generated Content”).

If you contact us, we may keep a record of that correspondence.

View all Policies