IT department demanding password

Published

I know this is going to sound totally insane, but has anyone, anywhere, ever worked in a place where the IT department demands you give them your password for logging on?

As stupid as it sounds, my IT department has demanded we do this - after we signed our "agreement" to not give our password out to anyone, and despite the fact that they can see everything we are doing under their "Admin" log on. The best part, this is directed towards the department managers, and will not effect staff very much.

I'm looking for documentation, court cases, to support the obvious. I refuse to give my password out to IT and therefore my resources and effeciency as a manager are being hampered. It's an obvious power struggle, but I truly do not trust the IT department, and see no reason to make it easy for them to set me up or make me look bad.

Any suggestions are welcomed!

Thanks

Up Vote Up Vote ×

I believe that it is a HIPPA violation, to have the IT have your password. What most programs I have used they issue you a generic password and then you change it. It you are having computer issues, they may need to use your access, but then you need to immediately change your password.

Up Vote Up Vote ×
Specializes in Anesthesia.

No, this isn't HIPPA violation (IT has administrative access to all computerized records anyways), but have you stopped to think what you could be blamed for with a whole department having your password? Anyone could log in with your passwords, and you guys would get blamed. I have never worked anywhere where IT wanted our passwords, and actually it was just the contrary they told us never to give out our passwords even to IT.

Good Luck....So what prompted this action at your work?

Up Vote Up Vote ×
Specializes in cardiac/critical care/ informatics.

I work in Informatics and we would not ask for anyone's password. You should have an Informatics Security person check with your corporate integrity office.

Up Vote Up Vote ×

There is no reason for them to have your password, except to look at your stuff without you knowing about it. I am in IT and I can change anybody's passwords and log into their accounts and e-mails, but the issue is that if I do that, the person will know about it since they have a new password. So if it is necessary for me to work on an account or e-mailbox, I can change the password if needed. Absolutely no reason for IT to have anybody's password.

Up Vote Up Vote ×

This thread makes me nervous in my personal life. I just got my computer back from the Geek Squad at Best Buy. They fixed it and put a new virus protection in there. However, they asked me for my password before they started and I gave it to them. Should I have done that? Is there a danger with them having my password now? Should I change it now for any reason? I've got the computer back but they do have all the information that was on there.

Up Vote Up Vote ×
Specializes in cardiac/critical care/ informatics.
This thread makes me nervous in my personal life. I just got my computer back from the Geek Squad at Best Buy. They fixed it and put a new virus protection in there. However, they asked me for my password before they started and I gave it to them. Should I have done that? Is there a danger with them having my password now? Should I change it now for any reason? I've got the computer back but they do have all the information that was on there.

Yes you should change it.

Up Vote Up Vote ×
Specializes in Peds, PICU, Home health, Dialysis.
This thread makes me nervous in my personal life. I just got my computer back from the Geek Squad at Best Buy. They fixed it and put a new virus protection in there. However, they asked me for my password before they started and I gave it to them. Should I have done that? Is there a danger with them having my password now? Should I change it now for any reason? I've got the computer back but they do have all the information that was on there.

They probably needed your password to log onto your computer to fix any problems. You can change it for your peace of mind, but the password they asked for was to probably log onto your Windows account and they really couldn't do anything with it now that it is back at your house. If someone really felt inclined to do so, they could have gotten some information from your computer (IP address) and attempt to "hack" into it... but I don't see why someone from geek squad would find that necessary.

Up Vote Up Vote ×

Because he's an embezzeling serial killer psycho....you know....they hire those guys all the time at Best Buy!

I didn't want to be paranoid but didn't want to naively let someone into my financial and personal records, either. Thanks for the response!.... I won't worry about it.

Up Vote Up Vote ×

I work in IT right now as an Administrative Assistant and none of our techs would ask for someone's password. If for some reason they needed to do something under someone's ID they would have that person log on and then advise them to change thier password after they are done. I would not give my password to any one.:nono:

Up Vote Up Vote ×
Specializes in CCU, SICU, CVSICU, Precepting & Teaching.

i've had to send my computer back to apple for repairs twice -- both times i changed not only my main password, but the passwords for all of our bank accounts as soon as i got it back.

i'm sure that the apple geniuses are all honorable people who wouldn't dream of using my password for personal gain. but i felt better about changing my password!

Up Vote Up Vote ×

Thank you everyone for your post. What prompted this was our IT department having a major power struggle with the other department managers.

The IT director started an interfacility intra-net. Originially, they suggested everyone change the password supplied by IT to get to the internet, but wanted the password to be provided to them. Well, of course, nobody changed the password, because that would defeat the purpose. Then, the IT department decided to try and control computers that were provided to our ER by the state for our Base Station and FRED. IT was very upset that the ER had a radio station (with entirely appropriate music) playing on the computer and decided to start placing all sorts of restrictions on those computers, as well as the rest of ours throughout the facility. It came under the guise of "web surfing", and when asked if they had discussed the issue with the individuals, of course the answer was no.

Now, we have been instructed that if we do NOT change and supply our password, we can't get to the internet. So I am being effectively hampered in my ability to do my job as a department manager or I can actively disregard hospital policy and make myself totally vunerable.

As I said, this is totally ridiculous and a complete case of power gone awry (as well as common sense.) And the answer is yes, I truly believe IT would use my password to sabatoge myself and many others.

You have all been helpful and I appreciate your responses. I'm open to any suggestions or regulatory agencies I might research. (The fact that this is completely against hospital policy is totally irrelevant as there are key players in key positions who do what they want, how they want, regardless of how wrong it is. HR is one of those players so there's no help there.!)

Up Vote Up Vote ×
+ Join the Discussion