Certified in Healthcare Privacy and Security (CHPS) Practice

The security feature that an electronic health record (EHR) system employs by terminating access after 15 minutes of inactivity is known as automatic logoff. This feature is designed to enhance security by reducing the risk of unauthorized access to sensitive patient information when a user forgets to log off after finishing their tasks. By automatically logging off, the system ensures that if a workstation is left unattended, any confidential data is safeguarded from potential breaches.

While session timeout and automatic logoff are closely related concepts, "session timeout" generally refers to the time limit set during which a user is logged into the system without activity, after which the system may prompt for credentials to resume access. In this scenario, the term automatic logoff more accurately describes the action taken by the system, as it completely terminates access rather than merely prompting for reauthentication.

Multi-factor authentication and password protection focus on the methods by which users are granted access to the system initially, rather than managing or limiting access during a session. Therefore, automatic logoff is the correct terminology related to the described feature of the EHR system.