Skip to content
Providence IS Communication

Providence IS Communication

The news site for IS caregivers and partners

Explore more news:

 

Updated Date: Policy for Inactive AD Accounts Will Now Be Enforced

Thursday, March 25, 2021 IS Communications All Caregivers

Updated April 30, 2021 with new date for application of the policy across all Providers. Prior version had a May 5 date; now postponed to June 2.

The Information Services Security team implemented a security policy that governs the management, disablement, and deactivation of Active Directory (AD) accounts, in order to keep our enterprise secure and protected. A caregiver’s AD account, also known as their network logon, provides access to corporate network resources, including Epic/Meditech, O365, ServiceNow, and other applications.

The policy, which was implemented last year, was temporarily modified in September and put on-hold during the last six months, however, this policy will now be strictly enforced for all caregivers, vendors, partners, and providers beginning on the following dates:

April 7, 2021 – Policy will be applied to all caregivers, except Providers

Updated! June 2, 2021 – Policy will be expanded to apply to Providers.

The policy states that AD accounts, with a few exceptions, that have no log-in activity for 90 days or more will be:

  • Disabled for 12 months (one year), which means you will not be able to log in.
  • During that 12-month period, the account can be reactivated by calling the IS Service Desk.
  • After 12 months, a caregiver’s employment designation will determine how the account is managed:
    • An employee’s primary account will become inactive and can be reinstated if the employee returns to Providence in the future.
    • A non-employee’s account will be deleted and permanently unavailable.

The only exemptions from this policy are:

  • The policy for caregivers in the below groups will be extended to no log-in activity for 180 days (not 90 days).
    • Providence High School
    • University of Providence
  • There will be no change in the exception policy for caregivers in the following groups:
    • Home Care Services
    • Personal Care Services / Nurse Next Door
    • Hospice of Lubbock, Inc.
    • Heritage Services
    • Shared Services Revenue Cycle Contingent Workers

Note that caregivers who have been on leave and have not been logging into the network could be affected.

Notification will be sent to both the impacted caregiver and their core leader one (1) week ahead of the planned date of an account being disabled and/or deleted, with directions for the caregiver on actions they can take to remediate the situation. In order to ensure an account is not disabled, the caregiver needs to log in to their Epic or network account prior to the disable date to remain active. In the case of notification of an account being deleted, the caregiver will need to contact the IS Service Desk to reactivate the account.

Once an account is disabled, it will no longer accept log-in credentials. If you suspect your account has been disabled, and it is within the 12-month window prior to deletion, your account can be reactivated. Please contact the IS Service Desk at 844-92-AskIT (844-922-7548) for reactivation.

More info

For more information, please see the FAQ or refer to the updated policy PSJH-RIS-801 Information Security Management, section 801.02.

Post Views: 111
More articles on this topic: account deactivationaccount disablementActivity DirectoryAD accountinactive accounts