User Account Policy: Individual Access Requirement
Following a recent security audit of the Primary Authority Register, it has been noted that in certain circumstances, user accounts are being shared. As service providers, OPSS are responsible for the data you access through the register.
To uphold the integrity, security, and accountability of our digital services, we are implementing a strict one user per account policy. Effective as of 01 April 2026, all users must access the system using their own individual user account.
Purpose
This policy is designed to:
- Enhance security by ensuring traceability of actions within the system
- Protect personal and business data and maintain compliance with relevant data protection regulations
- Support auditability and accurate usage tracking
- Prevent unauthorised access and reduce the risk of data breaches
Policy Details
- Account Sharing is Prohibited - Each account is assigned to a single individual and must not be shared under any circumstances.
- User Responsibility - Users are responsible for all activity conducted under their account. Sharing credentials compromises this accountability.
- Security Risk - Shared accounts pose a significant security risk, including loss of data integrity, unauthorised access, and inability to trace actions to specific individuals.
Action Required
All users must:
- Cease using shared accounts
- Request individual access credentials if not already assigned
- Report any known instances of account sharing to the system administrator