Longer is Stronger – Password Tips
We thought it would be helpful to highlight some points about passwords within a medical private practice and how to protect your data and, even more importantly, that of your private patients.
As we know, cyber security is a hot topic with the recent introduction of GDPR and the numerous data breaches we read about. This is particularly relevant for health professionals in medical private practice who process data defined by the ICO as ‘special category data’, as this requires additional security protections.
Passwords are the first line of defence in your internet security.
There are two key rules:
– use passwords that are easy to remember but hard to guess
– never write them down or tell other people
However, in many cases these two things conflict. It is easy to remember your password if it is always the name of your pet, or your name followed by a number. However, not only is that easy for someone who knows you to guess, but it also means that a leak from one platform you use, for example Facebook, immediately puts it in the public domain – lists of passwords like this are bought and sold on the Dark Web.
Additionally, there are programs that can quickly crack a password by running a dictionary of common words and names.
What you should do:
You’d be surprised how many people still use 123456 as their password or ‘password123’. Big no-no!
A strong password should contain at least 10 characters, including at least one upper-case letter, one lower-case letter, one number and one special character (e.g. a question mark), and should not be a word in the dictionary.
What this equates to is a password that is impossible to remember!
How about thinking of a phrase or saying, e.g. Humpty Dumpty Sat On The Wall etc. Take the first character of each word – HDSOTWHDHAGF – then change the S for 8 and the O for 0. Alternate the capital letters, ending up with Hd80TwHdHaGf.
No one would be able to guess that, and it’s easy to remember… just don’t say it out loud!
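The phrase method and the strong-password rules above, written out as an added Python example (not part of the original article) so the two can be checked against each other. The function names are hypothetical, COMMON_WORDS is a small constructed stand-in for a real dictionary or breached-password list, and the dictionary rule is simplified to an exact match.

```python
import string

# Constructed stand-in for a real dictionary / breached-password list.
COMMON_WORDS = {"password", "123456", "password123", "letmein", "qwerty"}

# The two character swaps used in the article's example.
SUBSTITUTIONS = {"S": "8", "O": "0"}


def phrase_to_password(phrase):
    """Initial of each word, then the swaps, then alternating upper/lower case."""
    initials = [word[0].upper() for word in phrase.split()]
    swapped = [SUBSTITUTIONS.get(c, c) for c in initials]
    return "".join(
        c.upper() if i % 2 == 0 else c.lower() for i, c in enumerate(swapped)
    )


def policy_failures(password, dictionary=COMMON_WORDS):
    """Return every rule from the article that the password fails."""
    failures = []
    if len(password) < 10:
        failures.append("shorter than 10 characters")
    if not any(c.isupper() for c in password):
        failures.append("no upper-case letter")
    if not any(c.islower() for c in password):
        failures.append("no lower-case letter")
    if not any(c.isdigit() for c in password):
        failures.append("no digit")
    if not any(c in string.punctuation for c in password):
        failures.append("no special character")
    # Simplification: exact match only; a real check would also catch
    # dictionary words with digits appended.
    if password.lower() in dictionary:
        failures.append("appears in the word list")
    return failures


if __name__ == "__main__":
    rhyme = "Humpty Dumpty Sat On The Wall Humpty Dumpty Had A Great Fall"
    derived = phrase_to_password(rhyme)
    for candidate in ("123456", "password123", derived, derived + "?"):
        problems = policy_failures(candidate)
        print(f"{candidate:15} {'OK' if not problems else '; '.join(problems)}")
```

Run against the article's own examples, the derived Hd80TwHdHaGf fails only the special-character rule; adding one, such as the question mark the rules mention, clears every check.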
Why password security is SO important in any medical practice
The secure storage of your patient data is not only vital, it is now also a legal requirement. It is important to remember that if you process ANY data about private patients (this can be as little as name, address and DOB) then it is required by law that you are registered with the ICO and that you have data and privacy policies in place.
Get in touch if you need help and we can point you in the direction of sublet IT support.
Contact: [email protected]
To stay up to date with other news and articles: https://trusthealth.co.uk/blog/