I do a little work now and then that involves Protected Health Information.
I fully agree with the idea of setting up a separate user account to keep the work environment separate from the personal environment. It's easy, and it's effective.
Since the work involves Protected Health Information, I very strongly recommend that you use a MacOS feature called "FileVault" to keep the work environment encrypted when you are not logged into it. It's very easy to set up, and it does not change the way you work with your Mac. Behind the scenes, however, the home directory (and everything in it) of the work user is actually encrypted on the hard disk, and it is only decrypted when you login to that account and access files. That way, if your MacBook Pro is lost or stolen, it will be much harder for someone to access the Protected Health Information you've stored on it.
To set up FileVault in MacOS 10.6.8:
- Login to the work account and select "System Preferences" from the Apple Menu.
- Click on the "Security" icon.
- Click on the "FileVault" tab.
- Click on the "Turn on FileVault" button.
- On the same tab, it's probably worth setting up a "Master Password" for the computer, if you don't already have one. That way, if you forget the work account's password, you'll still be able to access your encrypted directory.
Next, if you need to use a web browser while in the work environment,
do not use Safari 5.x, which is the version included in MacOS 10.6.8. There are known security holes in Safari 5, and if your employer is audited for regulatory practices, the use of a significantly out-of-date, insecure browser is something that can be cited as a problem. While logged in as the work user,
use a current version of Firefox or Chrome for any web browsing.
Along those lines, you should give some thought to upgrading your Mac to Yosemite. (I say that as someone who still runs 10.6.8 on my own home Mac.) A lot of things are different in Yosemite, but the truth is that Apple is no longer maintaining 10.6.8 with security updates. A rule of thumb for working with regulated data is that you have to keep systems reasonably up-to-date from a security perspective, and where that is not possible, you need to take steps to mitigate risk. It can be argued that segregating/encrypting data and using only specific, current web browsers is acceptable mitigation, but upgrading to a more current version of MacOS would be helpful.
If you do decide to upgrade to a newer version of MacOS, keep in mind that if you have any older, PowerPC software on your system, it will not run on anything newer than 10.6.8. Since your MacBook is from 2011, you probably are fine, but I thought I'd mention it in case you migrated from an older Mac or installed any older software after you bought your Mac. To find out if you have any PowerPC software on your computer, go to the same place you went to get the screen shot of your "Hardware Overview" (Apple Menu > About This Mac > More Info...), scroll down to the "Software" section, click on "Applications", and sort the results by "Kind". Anything that shows up with a "Kind" that is "PowerPC" will not run on 10.7 or higher. Again, it's unlikely that you'll be affected, but you should double check before upgrading.
As a final comment, if you work with a lot of PDFs (dozens or hundreds) or other documents, you might find it handy to use a tool to help organize and tag them for easy access. Many such tools also allow you to encrypt their files/libraries, adding an extra layer of security. Some examples include Yojimbo, Yep, Evernote, and DEVONthink, but there are others.