With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.
Use Strong Passwords and Change Them Regularly
Choose a password that is not easily guessed. Below are some examples of strong password characteristics:
❒ At least eight characters in length (the longer the better).
❒ A combination of upper case and lower case letters, one number, and at least one special character, such as a punctuation mark.
Strong passwords should not include personal information, such as:
❒ Names of self, family members, or pets
❒ Social Security Number
❒ Anything that is on your social networking sites or could otherwise be easily discovered by others.
Configure your systems so that passwords must be changed on a regular basis.
To discourage staff from writing down their passwords, develop a password reset process to provide quick assistance in case of forgotten passwords. This process could involve:
❒ Allowing two different staff members to be authorized to reset passwords
❒ Selecting a product that has built-in password reset capabilities.
Limit Network Access
❒ Prohibit staff from installing software without prior approval.
❒ When a wireless router is used, set it up to operate only in encrypted mode.
❒ Prohibit casual network access by visitors.
❒ Check to make sure file sharing, instant messaging, and other peer-to-peer applications have not been installed without explicit review and approval.
Control Physical Access
❒ Limit the chances that devices (e.g., laptops, handhelds, desktops, servers, thumb drives, CCs, backup tapes) may be tampered with, lost, or stolen.
❒ Document and enforce policies limiting physical access to devices and information.
❒ Keep machines in locked rooms.
❒ Manage keys to facilities.
❒ Restrict removal of devices from a secure area.
Stuart J. Oberman, Esq. handles a wide range of legal issues for the veterinary profession including employment law, cyber security, practice sales, real estate transactions, lease agreements, OSHA compliance, veterinary board complaints, and entity formation.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (firstname.lastname@example.org).