So, it is with that in mind that I offer eight tips on how you might keep your office from being part of Mr. Kennedy’s statistics on breached healthcare organizations.

•    User names and passwords – Do not use generic or default user names and passwords.  Passwords should be at least six characters long and incorporate numbers, letters (upper and lower case) and special characters.  They should be changed periodically, I’d suggest quarterly. 

Here is a link to a site that lists the 100 most common passwords.  If your password is on this list, change it.

•    Anti-Virus software – You should have anti-virus software installed on every one of the computers in your office.  See my post entitled “Combating Computer Viruses in the Dental Office” for more details.  The product you use should include anti-spyware and anti-adware features.

•    Encrypt your files – If your software vendors do not encrypt their data files, look into a product that will provide full disk encryption.

•    Keep your operating system up to date with the most recent security patches – When a weakness is found in an operating system the manufacturer will swiftly remedy the problem with a software patch.  News of the weakness will also spread quickly through the hacker community.  Don’t let the hackers win the race to your computer.

•    Install a firewall between your office network and the Internet.  A firewall will filter the traffic between your systems and the rest of the world.  This is likely to be included in your network router.  Check with whoever set up your office network to see if they have configured a firewall and review this every time you make a change to your network to be sure a vulnerability has not been created.

•    Don’t click on unrecognized links sent to you in email.  A favorite trick of hackers is to link you to a familiar looking sign-on page.  It is not the sign-on page but a cleverly created copy.  When you attempt to sign on, they have collected your user id and password.

•    Use only trusted Wi-Fi hot spots to access your office data.  Many practices use tools like LogMeIn or GoToMyPC to remotely access their information.  Don’t do this on just any network that appears as an available Wi-Fi access point.

•    Buy a shredder.  Not all hacking is done electronically.  Remember hackers are lazy and nosing through your trash may be much easier than trying to guess your password.

Following the above tips may not make your systems hack-proof but will throw up enough barriers to encourage our lazy hacker to find an easier target, and there are plenty of them out there.  Being the easy target would be a wrong click.

.