Passwords – why you need to change them and not reuse previous ones!

Just as the eyes are the window to our soul, passwords are the gateway to our inner most kept secrets.
Passwords are used to gain access to YOUR information, but what happens when your passwords are responsible for other people’s information? Did you know that by having your email hacked, you could potential expose not only your personal information but that of others?

Recently, I receive a text from a friend of mine saying “LOL, your email was hacked, just got a fake email from you!” Since she knows that I work in medical offices and with HIPAA compliance, she thought this was funny. However, the problem was, it was HER email that was hacked and they spoofed my address in hopes that she would fall for it. This is just one of the many ways that hackers “get in”. Some hacks start with this type of phishing email that someone falls for, depending on the hackers intentions… the sky’s the limit!

Did you know that a hacker that could get into your email would have the ability to change your access codes to many different resources and you not even know it? Many sites verify your identity through your email address. For instance, if you use the same password across different platforms, once they gain access to your email, they can try that password on other sites. Then they can change YOUR credentials and even change banking information.

So.. what can you do to protect your information and that information that you are responsible for…

Here are some suggestions that you may use. Maybe not all of them, but incorporate as many as you can.

  1. Use STRONG passwords, preferably pass phrases.
  2. Change them at least them at least every 90 days.
  3. Do not share your passwords.
  4. Do not use the same password/phrase phrase across multiple platforms.
  5. Do not reuse the same passwords.
  6. Enable two step authentication wherever offered.
  7. Utilize an encrypted file and copy/paste passwords instead of typing them each time.
  8. Make sure the network that you are accessing information from is secure.

Although nothing in this day is 100% safe, by simply adding a few precautionary measures you can protect yourself and the patient information that you are responsible for as much as possible!

If you would like to schedule a HIPAA training course customized to your facility, or if you need to update any of your HIPAA security needs call 877.659.2467 or complete the contact us form.

“Simplifying HIPAA through Partnership, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that by educating her clients in understanding why and what needs to be done to protect their practice they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations how to minimize the risks of data breaches. HIPAA compliance is not an option, it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or they are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!

Share This HIPAA Blog

Cost of cyber attacks on healthcare are steadily rising

August 1, 2018

Spoofing, Phishing, and how to avoid getting caught in the middle

November 15, 2018
©2022 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC