<NAME OF PRACTICE>

<ADDRESS>

<PHONE/FAX>

Password Tips for Securing Electronic Data

No computer system is 100% safe from hacker attempts or other security breaches—internal or external. None. It’s hard to believe staff members might engage in this type of behavior; unfortunately, it does happen. HIPAA makes it mandatory for practices to review, implement, and monitor processes tied to securing electronic data to make sure protected health information remains confidential.

Passwords are one of the weakest links in electronic data protection. So, one of the most basic security processes a practice may implement is the use of passwords.

Follow these suggestions to start making your system safer:

  1. Issue a password for every user on the system, regardless of job title or job duties.
  2. Keep a list of the current password(s) for each user and entrust it to the Security Officer.
  3. Staff must not share passwords among themselves.
  4. Routinely check under keyboards and on monitors for sticky notes containing passwords!
  5. Keep passwords encrypted to avoid detection over internet transmissions.
  6. Staff should be required to change their passwords every 60-90 days.
  7. Complex passwords tend to be more difficult to hack. The basic format for a password looks like this:
  • Consists of nine characters (12-14 preferable).
  • Has upper and lower case letters included.
  • Contains at least one special character.
  • Contains both alphabetical and numeric characters.
  1. Additional tips for creating a unique password include:
  • Avoid using birthdates, pet names, children’s, spouse, one’s own name, or common passwords such as “admin”, “password” or “qwerty.”
  • Select a phrase only the user knows and can remember.
  • Try using a misspelled English word.
  • Replace “o” in the phrase with zeros.
  • Replace “a” in the phrase with @ signs.
  • Replace “e” in the phrase with “3.”
  • Add a few special characters from above the number or punctuation keys.

·  Swear words are not tolerated as they are easily hacked.

Form Copyright © 2013 by InstaCode Institute.

Form may only be copied and/or customized by the owner of this book for use in his/her own office.