10/02/2012
Neil Baum, MD
Neil Baum, MD, is Clinical Associate Professor of Urology, Tulane Medical School, New Orleans, LA, and author of Marketing Your Clinical Practice: Ethically, Effectively, and Economically, Jones Bartlett Publishers.
There are a few common sense suggestions that can make your passwords hack-proof and should be used by every medical practice to ensure protection, privacy, and HIPAA security:
- Each computer should have password protection before the computer can be opened
- Each application, especially your EMR and PMS, needs a password before the user can access the program
- Advise your staff that it is unacceptable to keep passwords on a sticky note around the computer, written in a cryptic format on the computer, laptop, or Smart Phone
- Passwords should be changed every 90 days
- All devices need to automatically go into the timeout mode after several minutes of inactivity.
- All servers should be under lock and key.
Bottom line: By taking a few of these precautions, you can be sure that hacking, data theft, and unauthorized users will be kept to a minimum.