Account Security

Bp Omni has a number of account security features designed to keep your account safe. These features include Inactivity timeouts, multi-factor authentication, and passwords.

Inactivity timeouts and PINs

When you log into Bp Omni for the first time, you provide your user name, password and set up multi-factor authentication on your account.

You will then be asked to create a six-character PIN. you can use your PIN to unlock the screen after an inactivity timeout. An inactivity timeout will occur if there has been no activity in Bp Omni for 15 minutes. This extra layer of security has been provided to support your compliance with health security standards.

Creating a secure PIN

Creating a safe PIN for your Bp Omni quick sign in is just as important as creating a secure password for your account. Best Practice Software recommends creating a PIN that uses alpha, numerical and special characters.

• DO: Create a complex PIN that uses alpha, numerical and special characters where possible, such as Z900P$.
• DO NOT: Create a PIN with 3 or more consecutive or duplicate characters, such as ABC123 or AAA111.

Adjusting inactivity timeouts

NOTE Only users with Practice Information admin rights can change this setting in Practice & Locations.

By altering this time-frame, you are accepting the risk of unauthorised access as information security guidelines recommend a maximum of 15 minutes of user inactivity to activate screen or session locking.

Customers of Bp Omni in Aotearoa (NZ) have the option to switch off this inactivity timeout entirely. Customers located in Australia do not have this option due to the My Health Record integration that mandates this inactivity lock for integrated Cloud Practice Management Systems.

If customers in Aotearoa (NZ) choose to switch off this inactivity timeout, we recommend putting in place alternative security measures to protect patient/client data from unauthorised access. You are required to accept this risk as a condition of switching off the inactivity lock.

Work sessions

Each Bp Omni work session lasts 24 hours. If you are still logged in 24 hours from having entered your username and password, then for security reasons you will be automatically logged out. Bp Omni provides countdown prompts to save your work and forewarn you about the auto log-out 30 minutes ahead of time.

To avoid losing work due to being automatically logged out after 24 hours of inactivity, ensure that you save your work regularly and log out voluntarily at the end of each day.

Resetting your PIN

You may need to reset your PIN if an inactivity timeout occurs and you cannot remember your PIN.

1. From the lock screen, click Forgot my PIN. The Forgot your PIN screen will appear, and a 6-digit code will be sent to the email address you used to sign up to Bp Omni.
2. Enter the six digit code in the field provided and click Verify code. The Create a quick access PIN screen will appear.
3. Enter a new 6-character PIN. The PIN can be any six characters, including special characters.
4. Click Set PIN. The screen will be unlocked.

Change your password

When you log into Bp Omni for the first time, you will be asked to create a password. You can change your Bp Omni password at any time via your profile.

1. Click your profile icon in the top-right corner and select Profile.



Your user profile will appear.

2. Scroll down to Access and sign in.



3. Click Change password. The Password recovery screen will appear.



4. Click Send email verification code.

The password recovery screen will change to include a field for entering the verification code.

You will receive an email with the verification code at the email address you have registered with Bp Omni.

5. Enter the verification code in the field provided and click Continue. A notice will appear indicating that the code was successfully verified
6. Click Continue.
7. Enter your new password in the New password and Confirm new password fields and click Continue. A message will appear indicating that your password has been reset successfully.
8. Click Sign in. You will be signed into Bp Omni with your new password.

Multi-factor authentication

When you log into Bp Omni for the first time, you will be asked to set up multi-factor authentication.

Whether or not you are required to use multi-factor authentication to log into Bp Omni depends on the length of time since you last logged in using multi-factor authentication.

If you log into Bp Omni within 24 hours of logging in with multi-factor authentication, you will only need to log in using your password.

If it has been 24 hours or longer since you last logged in using multi-factor authentication, once you log out you must enter your password and use multi-factor authentication to sign back in.

If it has been 24 hours or longer since you last logged in using multi-factor authentication and you have not logged out voluntarily or due to an inactivity timeout, you can continue to work with no impact.

Edit multi-factor authentication methods

1. Click your profile icon in the top-right corner and select Profile.



2. Your user profile will appear.
3. Scroll down to Access and sign in.



4. Click Edit MFA methods. The Edit verification methods screen will appear.



5. Click Replace next to either the existing mobile phone number or email address, depending on which multi-factor authentication method you wish to change.
6. Based on the option chosen, enter a mobile phone number or email address and click Send code.

The screen will change to include a field for entering the verification code.

You will receive an SMS or email with the verification code at the nominated mobile number or email address.

7. Enter the verification code in the field provided and click Verify code. The Multi-factor authentication method will be updated.