Securing your account
Each RTasks user is responsible for maintaining a secure password, documenting in RTasks only under their own login, and observing HIPAA Privacy practices.
New RTasks users will be entered into RTasks as staff users and provided security access on a need-to-know basis. The Supervisor will create a username and a temporary password that can be supplied to the new employee.
The new user will go to the RTasks login page at www.rtasks.net and use the username and temporary password to log in. They will then be taken to a second screen and allowed to create their own unique password. This password must:
- be at least 8 characters in length
- be significantly complex enough to avoid compromise.
Once their new password has been successfully created, they will be asked to login again using the username and the new password.
All RTasks users may update their own passwords at any time (Note: Administrative users can reset RTasks passwords for their staff.)
To update your RTasks password:
Select Settings > Account Security.
Two Step Verification adds additional safeguards to your account, requiring the use of both password (something you know) and a code sent to your email account (something you have access to). This ensures that even if your password is compromised, your account cannot be accessed without control of your email account as well.
We recommend you do not use use a password for your RTasks account that you use anywhere else; we especially recommend you do not use the same password for your email account and your RTasks account; we very especially recommend you do not use the same password for your email account and your RTasks account if you are using 2 Step Verification
|To setup 2-step verification
Select Settings > Account Security > Setup Two-Step Verification.
|After 2-step verification is setup, whenever you attempt to log in, you will get an email with a one-time-use code.
Retrieve the code and enter it to finish logging in.
HIPAA & RTasks User Accounts
Health care data is sensitive and must be kept secure, accessible only to authorized individuals.
- Grant appropriate access only to those needing access to the information.
- Keep passwords private - never share them.
- Do not walk away from an unsecured device logged in to a EHR.