Protecting Personal Data and Protected Health Information (PHI) In a Virtual World

As we manage more aspects of our lives online – from email to shopping to banking and social media – it’s more important than ever to protect our personal data. This couldn’t be more true than when it comes to Protected Health Information (PHI). At Foothold Technology, we take every precaution and comprehensive measure to ensure our customers’ data is protected from any security threat. Our software, AWARDS, is 100% HIPAA compliant.

That said, we believe it’s just as important that our customers take additional steps to protect data on their end. Here are 4 Helpful Tips for Better Security:

1. Passwords: How many passwords do you have? How many do you reuse for more than one account? How many are easily guessed? Is it ‘123456’ or ‘password’? These were the two most commonly used passwords of 2015. This is a familiar pain point for a lot of people because we want to protect our data, but we don’t want to remember a laundry list of complex passwords. However, this is one of the most important security steps you can take. Here are some tips for stronger password management:
   • Make your passwords hard to crack. At a minimum, passwords should be between 8-12 characters. Using a mixture of upper and lower case letters, numbers, and symbols such as !, @, #, etc. also make it tougher for others to guess.
   • For high-security accounts, such as email, online banking or electronic medical records, change your password every six months.
   • Never save your password in a browser, and never share your password with anyone. If you discover that someone has gained access to your account, change it immediately and make necessary notifications.
   • Use a password manager. These tools allow you to create complex passwords for every account, without having to remember every single one; you just have to remember a master password. Many of these tools offer free and paid versions. For a list of top free password management tools, click here (NOTE: Foothold Technology does not endorse any of these tools, nor do we have a relationship with any of these companies. This link is for your reference only).
2. Two factor authentication: Many websites offer two factor authentication as an extra layer of security (also known as “multi factor authentication”), that requires not only a password and username, but also something only the user has (e.g. a PIN, passphrase, a code that is sent to your phone, a physical token (or fob), or biometric authentication like a fingerprint).
3. Workstation/device security: When you leave your workstation – even temporarily – lock the screen with a password. This is not the same as a screensaver. Locking the screen will actually prevent someone else from accessing your computer unless they have the password.
4. Downloading PHI to your local workstation or device: When downloading personal or confidential information to your local computer (e.g. downloading a file to Excel), save and lock it with a password or encrypt it. If you have to send it to someone else via email, that person will need the password in order to view it. This prevents unintended recipients from viewing confidential files.

Remember, these steps should be applied to personal accounts, not just work. It’s the best and safest way to protect important data, whether it’s your own, or the PHI for individuals you serve.