Password TipsJuly 31st, 2017 - Wyn Staheli
How secure is your password? Do you use the same password for all, or many of, your online accounts? Do you use your mother's maiden name? Do you always use your pet's name? Do you write down your password near your computer? Do you have a password on your computer?
Passwords are one of the most common security holes for everyone (work and home). You probably lock your front door, lock up your patient records, and even set an alarm, but most people do not abide by the basic rules of password security. Why? Because there are passwords for everything and we all end up struggling with all the passwords we need to remember. If you have a different password for every online account, computer and voicemail, how in the world can you remember them all?
There are some steps you can take right now to help reduce your risk of identity theft, or security breaches. Don't wait - take steps TODAY!
HIPAA & Passwords
Regardless of whether or not you are a HIPAA covered entity (these days most healthcare organizations are), your office's Policies and Procedures Manual MUST include a section on passwords and security. Employees need to have password guidelines regarding how to protect both office and patient information included as part of their periodic staff training. Find-A-Code's Complete & Easy HIPAA Compliance offers a HIPAA Compliance Audit which walks you through the steps necessary to identify privacy and security shortcomings. Passwords are part of this audit process. Our HIPAA Compliance book also includes the logs, guidelines, and policy templates you need to get your organization started.
Password Do's and Don'ts
Don't do the following:
- Use passwords that have personal significance. It makes it easy for someone to guess your password. For example: pet name, mother's maiden name, birthday, spouse or significant other name, school you attended. This is how Sarah Palin's email account was hacked into during her presidential race.
- Use the words "password", "passcode", "admin" or anything similar to them.
- Tell anyone your password! Sounds simple, but it happens all the time.
- Use phone numbers - home, office, mobile phone, etc.
- Use the name of a celebrity.
- Use a swear word - they are really easy to guess!
- Use license plate numbers - yours, friends or relatives.
- Use your home or office address or that of your friend (or any of those zip codes).
- Make slight modifications to any of the above - like adding the number 1 to the end or just reversing the letters of any of the above don'ts.
- Use the same password for all or more than one of your online accounts - especially when you sign up for a new online account. Don't use the same password for your email account as you do for the new account.
- Write your password down next to your computer.
There is so much personal information available on the web, that guessing is very easy to do - especially for a disgruntled employee who knows you personally.
Do the following:
- Mix numbers, letters (use both upper AND lowercase), and special characters like % (if allowed).
- Make your passwords longer than 6 characters. This makes it harder for someone to guess and for hacking software to crack.
- Use the first letters of a phrase that you can remember. For example, "My cat, fluffy has 3 stripes on her tail" would be McFh3sohT.
- Remove vowels from a phrase you can remember. For example, "Friday Night Pizza" would be FrdyNghtPzza.
- Use a phrase from favorite book or movie and add something to the end like the page or chapter.
- CHANGE YOUR PASSWORD EVERY 60 DAYS! This is a HIPAA requirement and it makes common sense for the rest of us. You can cycle numbers up and down to help you remember your passwords/phrases.
There are many good password manager programs on the market that can help you create and safely maintain unique passwords (e.g., LastPass, Roboform). PC Magazine has a good article about password managers and even rates the different programs for you. CLICK HERE to read their informative article.
If you have questions or comments about this article please contact us. Comments that provide additional related information may be added here by our Editors.
Latest articles: (any category)Artificial Intelligence in Healthcare - A Medical Coder's Perspective
December 26th, 2023 - Aimee Wilcox
December 22nd, 2023 - Find-A-Code
December 19th, 2023 - Aimee Wilcox
December 12th, 2023 - Aimee Wilcox
November 14th, 2023 - Aimee Wilcox
October 26th, 2023 - Wyn Staheli
October 11th, 2023 - Wyn Staheli