Systems are operating normally.

You are here: Home / procedures and standards / Virtual Private Network (VPN)

Virtual Private Network (VPN)

Virtual Private Network (VPN)

HSTS Procedure

OVERVIEW: Use the Online Access Request Application (OAR) to request a Virtual Private Network (VPN) software or hardware token for access to Medical Center systems from outside of the Medical Center firewall.

PURPOSE: To provide information on how to request VPN access and to define the Conditions of Use.

SCOPE: This procedure applies to all Medical employees and customers.


  1. Please note that the Online Access Request Application (OAR)   will require the applicant's and the supervisor's electronic signature. The OAR requesting the appropriate type of VPN access must first be completed. The request will then be forwarded to the applicant's supervisor for approval.  Once approved, the user will receive an email from Health System Technology Services (HSTS) Information Security to complete their ‘User Attestation."  Hardware tokens may be picked up from the HSTS Front Desk, Stacey Hall, Monday-Friday, 8:00 AM to 4:45 PM.  Software tokens and the installation instructions for the various operating systems will be emailed to the users UVa Health System email address.

    Note:  The CyrptoCard/Blackshield client software may not be transported or used in countries that have been determined to have repeatedly provided support for acts of international terrorism (e.g. Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria).

    If you encounter problems or have CryptoCard/Blackshield related questions, you may contact the HSTS Help Desk at 434-924-5334.

    CryptoCard/BlackShield VPN Token Conditions of Use

    Users are bound by institutional policies regarding access to patient information

    Users may not print patient data while off Medical Center grounds

    Users may not download patient data to a non-HSTS managed device (e.g. home computer, local storage media, etc.)

    Users will maintain their anti-virus protection on the devices utilizing the VPN connection, including applying regular updates to anti-virus software as recommended by HSTS

    Users remaining connected through DSL or cable modems must install a desktop firewall

    Remote access and use of VPN is subject to periodic random auditing

    Inappropriate access and/or failure to follow Conditions of Use may result in suspension and/or permanent discontinuation of remote access privileges

    Termination of employment will result in immediate loss of remote access privileges

    Hardware authenticator token is non-transferrable and must be returned to HSTS Information Security Administration upon termination of employment

    Support Hours

    VPN support is available through the HSTS Helpdesk from 7am to 6pm Monday-Friday, and from 8am to 4pm on Saturday and Sunday. Limited VPN support is also available after normal business hours by contacting the HSTS Helpdesk at 434-924-5334.

    Internet Service Provider (ISP) Information

    Due to technical issues, the VPN will not work with America On Line (AOL). If your Internet Service Provider (ISP) is AOL, you will need to obtain an account with an alternate ISP.

    Satellite connections will not work with the VPN.

    Replacement Batteries

    Users are responsible for purchasing and replacing the batteries in the Hardware authenticator devices. The average battery life should be approximately 3 years. Batteries are easily obtainable at local electronic and discount stores with a cost of approximately $3 per battery. The Hardware token type is indicated on the reverse (KT-1 or KT-4). The Hardware device requires loosening the Phillips head screws and sliding the back cover towards the rear to replace the battery

    . .

    KT-1 Device:

    • Requires two 3V batteries (battery # CR2016).
    • The user is required to replace one battery at a time in order to retain power to the read-only memory in the device, otherwise contact the HSTS Help Desk as re-initialization will be required.

    KT-4 Device:

    • Requires one 3V battery (battery #  CR2032).
    • Contact the HSTS Help Desk as re-initialization is required.

    If assistance is required, obtain the required replacement battery outlined above and call the HSTS Help Desk to make an appointment to visit HSTS IT Security at Stacey Hall for assistance.

revised: May 01, 2015

Procedure properties

date revised: May 01, 2015

owner: Greg Washburn

reviewer: IT Security

web page properties ( viewable only to editors )

created by: MCC9X ( Apr 03, 2013 )

modified by: ( May 13, 2015 09:40 AM )

Procedure supporting resources


  • Stacey Hall
  • 1105 West Main Street, Charlottesville, VA 22908
  • 434.924.5334
Personal tools