An employee at a healthcare facility frequently enters patient data into a centralized system at a workstation located in a semi-public area of the hospital. Considering the risk of shoulder surfing, which of the following practices should be implemented to secure patient confidentiality?
Encrypt the hard drive of the workstation
Enable two-factor authentication for system login
Change passwords every 30 days
Install a privacy screen on the workstation monitor
Using a privacy screen is a correct practice to prevent shoulder surfing because it narrows the viewing angle of a computer monitor, which minimizes the chance of unauthorized individuals seeing confidential information from a side angle. Changing passwords regularly, while a good security practice, does not prevent shoulder surfing. Using two-factor authentication enhances account security but would not prevent the visual disclosure of on-screen data. Encryption secures data at rest and in transit but does not shield on-screen information from being viewed over the shoulder.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is shoulder surfing and why is it a concern in public areas?
Open an interactive chat with Bash
How does a privacy screen work and what are its benefits?
Open an interactive chat with Bash
Are there other ways to protect sensitive information in addition to using a privacy screen?