Beyond the Deadbolt: Best Practices for Data Security
Data security takes vigilance
Here’s the thing: there’s no such thing as perfect security. You can buy the best lock and an intruder might still break your window. You can buy an iron door and someone might crack the code on your digital keypad lock.
To stay secure, you must continually assess your options and move toward adopting the best security technologies. That’s the MO at Healthx. We work continually to make sure our health portals are protected by the best security tools.
Cutting-edge technology is important, but there’s more to it. We work closely with you to make sure you stay ahead of the curve by taking additional steps such as:
1. Ensure company leaders truly understand the data environment and potential risks.
2. Educate staff members on security issues such as:
a. What does and does not constitute a HIPAA violation
b. Potential phishing attacks that target employees
c. The importance of secure passwords
3. Implement effective security rules across the organization.
4. Closely scrutinize provider and member sign-in protocols.
5. Leverage external companies to perform security screenings to ensure that sensitive data is not unduly exposed.
Best practices for data security
We also recommend educating your members on basic data security practices. For example, the Federal Trade Commission recommends that consumers keep data secure by:
1. Looking out for impersonators
Consumers should know who is getting their personal or financial information. They should refrain from giving out personal information on the phone, through the mail, or over the Internet unless they’ve initiated the contact.
2. Safely disposing of personal information
Before disposing of a computer, it’s important to use a wipe utility program to overwrite the entire hard drive. It’s important to wipe a memory device before disposing of it as well.
3. Encrypting data
To guard online transactions, everyone should use encryption software that scrambles information sent over the internet.
4. Keeping passwords private
Use strong passwords across all devices. To ensure passwords are difficult to discern, try using a special phrase and use the first letter of each word as the password. Substitute numbers for some words or letters.
5. Resisting the temptation to overshare on social media
If people post too much information on social media sites, an identity thief can leverage the information to answer challenge questions and gain access to accounts.
By Scott McPheeters, CSO, IT Manager