Ok, it sounds a little cliched - like it belongs on that groan-worthy motivational poster hanging in your office someplace - but that doesn't make it any less true or pertinent to all of us. Cyber-security is only as strong as it's weakest link and, because we all work with protected health information on a daily basis, a weak or broken link can have serious repercussions for our organizations and the clients we serve. So, how strong are your personal cyber-security standards?
Do you ever store passwords in your browser?
In AWARDS trainings users frequently acknowledge that they don't know their
passwords because they store them on their work computers. We've been
seeing this more and more of late, and it's a terrible vulnerability that could
leave the data you work with exposed to access by unauthorized individuals. Be
sure you NEVER let your browser save a password, and if you've done so in the
past be sure to clear that information out of your browser's settings
immediately. Furthermore, take the time to set up a secure password
management system for yourself for home and business purposes (simply writing
your passwords down on a sticky note is not a solution) and with a little
research online you're sure to find something that works for you.
Do you ever share a
login with someone else?
Ever give your login credentials to someone who's helping you out? For
instance, an intern doing AWARDS data entry over the summer? If you do,
you're putting yourself and your clients' data at risk, not to mention violating
HIPAA regulations. Everything the other individual does - whether it's
simply doing the data entry they were meant to do, curiously dipping into
records they shouldn't be looking at, or inappropriately downloading
information - is attached to your login in the AWARDS system's audit records.
Take the time to make sure each and every individual has his/her own
AWARDS login credentials, and that those credentials only give the minimum
necessary access to protected health information. Similar standards
should be used for other software applications you may use as well.
Do you ever open
email attachments or click on links in emails without pausing to think?
This is a tough one because email is something we all use on a daily
basis, but before you open anything from an email it's always a great idea to
pause for a moment. Even if the source of the email looks to be
legitimate and/or someone you trust, that's not always a guarantee of safety -
emails can mask the true sender, links can be disguised to point you to
somewhere other than where you think you're going, and attachments can contain
malware that may harm your machine. When in doubt, take the time to type
a known URL directly into your browser rather than using an email link, or
verify from the sender that an odd email attachment is legitimate before
Do you ever neglect
to keep your computer up to date?
As the recent "WannaCry" ransomware attacks demonstrated, out of date
software can be the ticket into your machine for someone who has the wrong
intentions. It's incredibly important to make sure that your operating
system and browser are up to date with all of the latest fixes, patches,
security updates, and so on. Depending on which applications you use and
how your machine is configured, some or all of these updates may be taking
place automatically, but if they're not now's a great time to add a reminder to
your calendar to check for updates on a regular basis. Also remember to
keep your eye on the news for emerging cyber-security threats - even if your
system is updated automatically, there may be instances where you'll want to
get a security fix in place before it would otherwise be installed on its own.
The national news and/or cyber-security sites online can be a great way to
stay up to speed with what's happening out there.
Did you answer "yes" to any of these questions?
If so, you're
not alone (they are all things we've seen in our work with AWARDS users out in
the field), but it means that it's time to evaluate and change your
cyber-security practices today. We encourage you to use the information
we've provided here to make some quick and easy changes in your daily workflow
to ensure that your personal security standards are in top shape today.
And don't forget - keep yourself informed. Cyber-security is a constantly
shifting landscape, and having just that little extra bit of information on
current threats and safety types can go a long way toward making your online
experiences safe ones.