Password Protection for Your Site

An Important Distinction:
Access Security vs. Transaction Security

IRT offers a number of solutions to accomodate your unique security needs. These methods, however, only provide access security, ensuring that only the people you want to have access can get in to view or download your content.

They do not provide secure transmission of the content between the server and the user’s browser. For secure transmission, you must use the https:// URL method in linking and referencing the content. This method is required for all HIPPA-related data transmission. For more information about secure transmission, please contact WebHelp.


HIPAA Compliance

Storing, sharing and working with patient-related data, commonly referred to as PHI or Personal Health Information, all fall under the requirements of HIPAA. Site owners and publishers are obligated to comply with HIPAA. IRT offers solutions for storing and working with private data. Please contact us through Web Help before beginning any project involving patient or other private information. 

Secure by Directory

All the methods discussed are applied at the directory level. This means that all the contents of a given directory are secured, not the individual page. To secure a specific page, it must be located within a secured directory.

Restricting Access to People with SUNet IDs (WebAuth)

Stanford Web Authentication restricts site or page access to users in the Stanford community through the use of SUNet IDs. Web materials can be restricted to all Stanford users or to specific users.

Restricting Access to a Specified Group of SUNet Ids (WebAuth by Workgroup)

We can provide you with the ability to maintain a group of SUNet Ids that are authorized to access a site or site directory. To maintain the group is as simple as logging into the Workgroup Manager and adding or deleting people by name or SUNet Id.

  • Request WebAuth by Workgroup »
  • How to Implement WebAuth by Workgroup »

Restricting Access by Domain (DomainAuth)

Restricting access by domain is simple way to limit access to a site to computers within the Stanford Medical Center. You may have information that only pertains to personnel in your department, or sensitive information that the general population of Web surfers shouldn't see.

  • Request DomainAuth »
  • How to Implement DomainAuth »

Need to contact Stanford Health Care web team?