In early 2016, PBS called healthcare hacking an “epidemic.”

The U.S. HHS estimated there was an average of four data breaches every week by March of 2016.

How can a therapy practice stay secure when data breaches happen so often?

You don’t need to be a technology expert to keep your online information safe. Here are a few basic steps you can take now to protect your practice in 2018.

How to Protect Yourself with Stronger Passwords

The easiest thing you can do right now is set up a stronger password on your computer and internet router/modem.

Your router should be password protected and not open to the public. It usually comes with a password already set, but these aren’t secure.

Create a Strong Password

Make sure the password includes letters, numbers, and symbols. Try to use at least 17 characters. Never use something easy to guess — like street addresses, birthdays, or phone numbers.

Any information that’s available to the public is always a bad idea for a password. Even if it makes the password easier to remember.

Give Employees Unique Passwords

Give each employee a unique login and password. This goes for computers and important software applications. Many unique passwords make breaking into your system less likely. Make sure any other internet-connected devices in your office are password secured.

Use Two-Factor Authentication

Two-factor authentication requires two different items to identify you. This is usually your regular password and clicking a prompt on your smartphone.

With two-factor authentication, it’s very hard for an adversary to access your account. Even if they know your password. Of course, make sure that your phone is also safe.

Watch Out For These Common Email Scams

Get an email from people with unusual names or email addresses you haven’t seen before? Mark them as spam. Don’t open them. Email spam filters are more accurate than ever. But things can slip through the cracks now and then.

Another common email scam is “phishing.” A company will pose as a reputable organization (like a bank) and try to make you click a malicious link. Or give your login information.

One red flag is any subject with the words “URGENT” or “EMERGENCY.” When in doubt, delete the email. Companies won’t contact you over email about a situation that requires immediate attention.

An Easy Way to Remember Hard Passwords

LastPass lets you create complex passwords without needing to remember them. Users can create a secure and unique password for each website. Each password gets stored in a secure “vault” that only someone with the master password can use.

LastPass also has a Security Challenge feature to find weak and old passwords to update. LastPass stores your password vault online using “zero-knowledge” encryption. Meaning that even LastPass employees can’t see your passwords. LastPass also offers two-factor authentication for extra security.

If you’d rather not use a cloud-based app, KeePass offers similar services that are not online.

Be Proactive – Not Reactive

Keep these tips in mind when toughening up your practice’s security barriers in 2018. If you have questions we didn’t answer in this article, please contact us. We’d be more than glad to help.