Ensuring that employees are creating unique passwords is exceptionally difficult. Although most know in theory not to reuse passwords or use the same one across multiple interfaces, many still do out of convenience or comfort. However, this means if a hacker uncovers the password for one network, they can easily gain access to all the rest, exponentially increasing the impact of the breach.
Unfortunately, organizations are often unable to ensure that their employees are using unique and new passwords for each software and device. A data analysis done by enterprises revealed that 7% of employees are using passwords that were involved previously in a data breach, 20% are using passwords that are easily compromised and 13.39% have shared their passwords. If this isn’t enough, this same study unveiled that 19.1% of users had set a password that was used before, shared or extremely weak.
The more resources an organization has to ensure the security of their networks, the better, especially in the healthcare industry where patient PHI is targeted by hackers. This includes technology, such as third party software, that prevents the use of weak or recycled passwords. These programs also prompt employees to change their passwords frequently so as to reduce the threat. Organizations may also consider providing training and educational programs for employees to raise security awareness to prevent practices like password sharing or duplication.
The use of mobile devices is at an all time high in the healthcare field due to the convenience and need for timely mobile communication. Mobile devices help to lower cost and facilitate the delivery of healthcare as texting is advantageous over calling in many situations. Having passcode security when dealing with mobile devices is especially important as they can be lost or stolen. A home screen password is not enough, as recent news has shown, devices can be hacked through various methods of bypassing password protected lock screens, leaving text messages and applications storing patient PHI vulnerable to exploitation. Using applications with their own access passcodes or passwords provide an additional barrier to hackers in the case of a lost or stolen device.
With Lua HIPAA compliant messaging, users can have additional layers of security and compliance to further protect patient data. Along with a password to access the app, Lua also provides many other levels of armor such as encryption at all stages so that shared messages and files are not vulnerable to interception while moving through the network. Files and documents are also stored in the app itself instead of on the device or a user’s personal cloud. If a device were to be stolen, Lua can also be remotely wiped, logging the user out of Lua so that patient PHI cannot be accessed.
When it comes to the security of a company’s networks, both the organization and the employees themselves must work together to maintain strong safeguards. Secure and unique passwords are exceptionally important, and having a device and applications armed with multiple password levels adds yet another layer of protection. It shouldn’t take a security breach to realize the magnitude of the consequences; it is always better to take preventative measures to ensure the safety of your patient’s personal data.