By Aris Medical Solutions
News broke that LinkedIn user account credentials were dumped on the dark web.
Back in 2012 is when the actually breach occurred, but now the data has surfaced for sale.
Although LinkedIn has taken reasonable advances to mitigate this problem, you still need to protect yourself as well. What that means to you is… you need to change your password as soon as possible. If you used this password anywhere else, you should change that as well. We also recommend implementing a two-step authentication on all sites that offer it. It is easy to set up and adds an extra measure to keep your data safe. Also be very cautious when answering or accepting new connections. Criminals have figured out how to look real, sound real, and get you to take their bait. They do leave clues, but you need to be diligent and read the communication carefully and do not click on any links. Open your web browser and type the name of the company and see if there are any warnings about the website. Your anti-virus (if you use a decent one) should notify you if the website has any suspicious activity.
An additional reason we bring this to your attention is because there are medical practices that have suffered a breach and they do not even know it. It may take years before this data surfaces or is sold. We not only work within this profession but we are also patients at medical facilities all over the country. We must do our part as employees as well as consumers to protect this (our) data. What you need to do:
- Use strong passwords (phrases) and change them at least every 90 days.
- Implement a two-step authentication anywhere it is available.
- Uneducated employees cause most of the breaches, either by clicking on a link or through a lost or stolen device. Continuous education is of the utmost importance.
- The use of encryption and/or auto-wipe/remote wipe on all devices that access or store Protected Health Information (ePHI).
- Report any suspicious activity to your HIPAA Security Officer.
- Be sure to review this report to determine if a breach has happened or potentially has happened.
- Mitigate the risk to the best of your ability and make sure it is documented.
If you need assistance with a Risk Analysis, Risk Management Plan, or implementing a full set of HIPAA Policies and Procedures, call Aris at 877.659.2467 or click here to schedule a demo. We offer a full range of services from a Do-It-Yourself HIPAA program to a Full HIPAA Implementation package.
“Protecting Organizations through Partnership, Education, and Support”