During a stay in the hospital, it’s likely that your cybersecurity is one of the last things on your mind. But hospital data security is increasingly becoming the target of ransomware attacks, phishing scams, and data mining schemes. And while patient data security and IT healthcare compliance are an increasing concern among hospital administrators, there are still steps you should take as an individual to keep your personal information safe.
Here are our best tips on how to increase data security no matter where you are.
Closely Examine Your Healthcare Apps and Devices
If we read all the terms and conditions that come with the everyday life of a technologically advanced society, we wouldn’t have time to use the technology we’re signing up for. But when it comes to protecting your private health information, you should be stepping up your game.
Closely read the service and privacy agreements attached to any app that records or transmits health information to gain an understanding of how your data is collected, stored, and shared. Remember that vendors you grant access to your information may have deals with third-party advertisers. Once your information is shared, you can’t take it back, so download only trusted and verified software and apps.
Use Strong Passwords
We all know this advice, but it bears repeating. You should develop strong passwords and change them often. This is the best defense against hackers and data miners–there is always lower-hanging fruit so give them a reason to give up and move on.
The definition of a strong password has evolved over time, but currently, we define it as a series of non-consecutive letters (upper and lowercase), numbers, and special characters. Afraid you won’t be able to remember a random string of numbers and letters? Try this method:
First, think of your favorite song lyric, quote, or a memorable phrase. For this example, we’ll use the phrase, “It’s raining cats and dogs!”
Take the first letter of every word–ircad. Now you have your letters. Capitalize them as you see fit. Now add a number that’s meaningful to you, but not commonly known (never use your birth year). We like 31415 (the first digits of pi).
Now we have IRcad31415. Add a special character – IRcad*31415! – and you have a completely secure password that is almost impossible to crack!
Note: PLEASE do not use this example as your password. If you’re seeing it on the internet, it is no longer a secure password.
Avoid Using Public WiFi Networks
Using public WiFi can leave you vulnerable to scanners and hackers that target hospitals specifically to access patient information. If possible, use your data instead, or carry a hot spot with you.
If you have no other option, at least try not to access important accounts and apps that hold sensitive information like banking apps and digital health charts. Stick to entertainment browsing–anything that doesn’t require entering a password or other personal info should be fine.
Healthcare IT systems do their best to fend off potential attacks with firewalls, VPNs, etc., but unfortunately making a WiFi network “public” means that anyone can be on it.
Don’t Overshare on Social Media
Sharing medical news on social may be cathartic but, unfortunately, it’s also information that hackers can use against you. Hackers can use sensitive medical information like depression, cancer, or even high cholesterol to compile convincing dossiers that allow them to steal your identity and receive medical treatment at your expense.
If you need to share, use strict privacy policies on posts so only close friends and family can see them. And never post about being in the hospital while you’re visiting. Hospital data security does what it can, but they’re more focused on data management to improve patient care and their hospital data management system–not on end-user privacy.
It feels natural to ask a doctor questions about your symptoms and your health, but you’ve likely never considered asking them what they do with that information and whether or not it’s shared. Don’t worry about feeling uncomfortable or putting your doctor on the spot. If they don’t know the answers to your questions, they should be happy to find them out from hospital administration.
HIPAA prevents hospitals from sharing private information with third-party advertisers, but some facilities and practices share aggregated (anonymized) patient information for research purposes. Likewise, you should ask questions about your hospital’s data retention policies.
Every state has its own laws regarding how long they are required to keep your medical records. If you move, or if the practice is sold or your doctor retires, you want to make sure you’re able to get your hands on your information, and that they will be destroying any paper copies in a secure manner. Make sure you know how your information is being collected and shared.
Guard Your Insurance ID Card
It may be tempting to take a picture of your insurance ID card so you always have the information handy, even if you switch wallets or purses, but this can leave you open to risk. Digitizing the information means scanners and hackers could find it and use the information to receive medical treatment or run up medical bills in your name which they then try to collect on.
If you see companies offering free trials of a supplement or medication online in return for your insurance info, don’t sign up. It’s almost certainly an identity theft scam.
Keep Your Mobile Devices Updated
One of the number one causes of data security breaches on phones and tablets is out-of-date or faulty software. Updates are released specifically to repair glitches and patch security holes that allow hackers and hijackers access to your device. When you don’t update, you are missing out on vital security protocols and hackers will take advantage.
The same goes for software downloaded on your laptop, phone, or tablet. When an app or Adobe Suite releases updates, accept them. Many subscription services like Microsoft Office auto-release updates, which means you have one less thing to worry about. But check in on your operating system updates and your anti-virus software periodically to make sure you’re using the latest version.
IT in Healthcare Management
If you are a doctor or a medical administrator, and you are interested in updating your network to protect your patients’ personal information, contact Scale Technology. We help our clients remain HIPPA compliant and run their IT network so they can get back to what they do best–being a doctor.
For more information, check out our blog–we cover topics from data security employee policies to why is it important to keep accurate records in healthcare.