September 12, 2012
One of the most basic and simplest to implement security measures is ensuring that you have a strong User ID policy in your practice. It starts by ensuring you have a unique User ID for every team member. Staff should not be sharing User IDs for any of your electronic systems. You should also establish guidelines to help your staff strengthen authentication by avoiding weak passwords.
Here are just a few recommendations to creating strong passwords:
- Generally 6-8 characters is a good number for password strength
- Use a combination of uppercase and lowercase as well as numbers
- Use special characters (for example, an @ sign can be substituted for an ‘a’ in a password)
- Be sure that the password can be easily memorized
- Use a passphrase
- Make sure it can be typed quickly so it cannot be seen
- And, lastly, change your password frequently
A few other tips are to instruct your staff not to share their passwords with others and not to write them down. Once you’ve created this policy, why not include it in your practice Policies & Procedures. This will be one more ‘checkmark’ in the completed column of your security risk compliance.
Share and Enjoy: