Skip to main content

Logging out

Sign out of your WithinEHR account securely.

Logging out guide

Logging out is a critical clinical and legal safety measure. At WithinLabs, ensuring that every session is properly terminated protects our patients, our practitioners, and the integrity of our data.

1. PHI Protection & HIPAA Compliance

Under HIPAA and international healthcare regulations, Protected Health Information (PHI) must be secured at all times.

  • Preventing Unauthorized Access: An active, unattended session is an open door. If a workstation is left logged in, anyone walking by—other patients, unauthorized staff, or visitors—could view sensitive medical histories.
  • Audit Trails: In healthcare, every action (prescribing, viewing labs, or editing notes) is tied to a specific user ID. If someone performs an action on your account because you didn't log out, you are legally responsible for those entries.

2. Preventing "Wrong Patient" Errors

In a fast-paced clinical environment, multiple staff members often share workstations.

  • The Risk: If Nurse A forgets to log out and Doctor B begins entering a prescription, that medication could be saved to the wrong patient’s record.
  • The Consequence: This leads to serious medical errors, potential patient harm, and corrupted longitudinal data that can follow a patient for years.

3. Data Integrity and "Ghost" Entries

When sessions remain open indefinitely, the risk of data synchronization issues increases.

  • Concurrency Issues: If two people are accidentally editing a record under the same credentials from different locations, the system may fail to save critical updates.
  • Real-time Accuracy: Explicitly logging out ensures that all "autosave" triggers and data-syncing protocols are finalized, ensuring the next provider sees the most current version of the patient's care plan.

4. Cyber-Defense Against Session Hijacking

Healthcare remains a top target for ransomware.

  • Token Theft: Active sessions use "session tokens." If a device is compromised while logged in, attackers can hijack that token to bypass multi-factor authentication (MFA) and scrape entire databases of patient info.
  • Endpoint Security: Logging out clears temporary cache and cookies that might otherwise store sensitive data in the browser's memory.

How to Properly Log Out

Never simply close your browser window; this often leaves your session active and vulnerable.

  1. Locate the Logout Icon: Look for your initials or profile picture, located in the top-right corner of the WithinEHR screen.
  2. Click and Confirm: Click the "Sign out" button. The system immediately direct you to the main login screen.