We have a feature you can enable for your HRAs called “Inactivity Time-Out.” Do you know what that is for? It’s pretty cool, actually.
Obviously, the most common use of our HRAs is by individuals on mobile devices. They work great for that. Private data entered on your private device, stored encrypted on secure servers. No problem.
But sometimes, you might want to deploy them at public events, in waiting rooms, and on other shared computers. In those instances, what do we need to be concerned about?
There are 2 scenarios…
First, ideally, you have deployed the HRA in lightbox mode. This means when someone is done they can click the little “x” to close the lightbox. This totally shuts down that instance of the HRA and returns to the calling page. If any user launches the HRA again from the button on that page, a brand new session begins. Again, totally safe. If the HRAs were being launched into new tabs, the user could also shut that tab.
However, if someone wanders away from a partially completed HRA on a common computer, their answers would be populating the questions they completed. These answers are most likely not identifiable to an individual because you don’t enter your contact info until you are heading into the results page. But some answers may be exposed if someone was to page back through a partial completion. That is where the Inactivity Time-Out kicks in.
When the Inactivity Time-Out is enabled, the system will automatically erase all user-entered information after a user is inactive for a specified amount of time between 2 – 10 minutes. Problem solved.
One thing to remember is that this feature would also erase data entered by someone on their phone if they got interrupted for longer than the set period of time.
For that reason, if you plan to use an HRA on a kiosk long-term, it is probably best to spin up another deployment dedicated to that purpose. Then you can track that usage separately and tailor the downstream follow up and recommended next steps to what makes most sense for that use.