1. Identification of Users - User ID must be protected from unauthorized use. Users are responsible for all activities on their User ID or that originate from their system. The following activities and behaviors are prohibited:

• Acquiring or attempting to acquire passwords of others; and
• Using or attempting to use the RxSense accounts of others.

2. Access to RxSense - The following activities and behaviors are prohibited: The use of RxSense resources or electronic information without authorization or beyond one's level of authorization;

• Making RxSense available to individuals not affiliated with DataRx;
• Intentionally compromising the privacy or security of electronic protected health information ( PHI), as that term is defined in the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules; and
• Unauthorized use of protected health information (PHI).
• Operational Integrity - The following activities and behaviors are prohibited:
• Interference with or disruption of RxSense (including user accounts, services, or equipment), including, but not limited to, the propagation of computer "worms", "viruses", or “malicious software;”
• Failure to comply with requests from appropriate DataRx officials to discontinue activities that threaten the operation or integrity of RxSense or otherwise violate this policy;
• Revealing passwords or otherwise permitting the use by others (by intent or negligence) of RxSense accounts or supporting systems;
• Altering or attempting to alter files or systems without authorization;
• Unauthorized scanning of RxSense systems for security vulnerabilities;
• Intentionally damaging or destroying the integrity of electronic information;
• Intentionally disrupting the use of electronic networks or information systems; and
• Negligence leading to the unauthorized disclosure of PHI