While developers and PACS vendors will go the extra mile and try to convince you that their solution is safe and secure, don’t take their word for it. The ugly truth is that your solution can be compromised and hacked if you are not taking the measures to protect your business. It’s incredibly simple to avoid a breach and only takes a moment to implement. Here’s how:
There are many things you can do to ensure that your password is as secure as possible. When looking to fortify your solution, here’s a checklist to keep in mind:
Don’t share your password
Every staff member that has access to a workstation, should be required to have their own individual username and password. It’s as the old saying goes: too many cooks in the kitchen. You are essentially giving each individual global access to whatever that account entails, and perhaps that is your intention. However, if everyone is using the same account, you cannot assign accountability to any one person. That means when HIPAA comes knocking at your door for misuse of protected health information, everyone (even those not responsible) are put under a microscope.
Stop recycling passwords
It’s pretty plain and simple, if you use the same password, for your phone, bank account, email, and patient related accounts, the rest of your accounts are also at risk for a breach.
Include numbers, capital letters, and symbols
They typically say that the longer your password, the more secure it is. However, if your password is only including the alphabet (or worse - is a phrase, your name, etc.), your chances of a breach are increased because your password is simply not strong enough. By adding symbols, numbers, and capital letters into the mix, you are making your password tough to crack.
Try a password manager
Windows and Mac have multiple programs that auto generate a complex password for you. So, if you are not in the mood to create a long nonsensical password and remember it for future logins, leave the heavy lifting to the password manager. However, be warned: you will have to make a good password to access said password manager.
Talk to your vendor about other options
Some vendors have the ability to add on multi-factor authentication along with ensuring that all your devices on which you have logged on can be automatically or manually shut off. Talk to your vendor today about what additional measures you can be taking to protect your patient’s PHI. In fact, here are some questions we recommend you ask.
It’s too bad that medical workstations aren’t accustomed to having an iris scanner, fingerprint, or other futuristic measure in place to ensure that your system is secure. However, until that technology is developed and becomes the norm for signing onto a workstation, take the measures to protect your patient’s PHI. Remember, it only takes a few minutes to implement. If you choose to forgo taking these precautions, it can easily take a moment for everything to come crashing down.