Tea Buzz



Data Security Download Series: Make Passwords Complicated and Change Them Often

Posted May 29, 2018

At Tea Leaves Health, we pride ourselves on our hyper-secure process to protect our clients’ patient information. Due to the prevalence of data breaches occurring in industries around the country and world, we wanted to elaborate on 10 data security best practices we follow – and recommend you follow – to prevent a security breach. Previously in this blog series we covered third parties’ security. This week, we’ll explore making passwords complicated and changing them often.

  1. Evaluate all third parties’ security
  2. Make passwords complicated and change them often
  3. Use firewalls and Anti-Virus software
  4. Control physical access to PHI
  5. Protect information on portable devices
  6. Protect the network by limiting access
  7. Secure wireless networks
  8. Eliminate unnecessary data
  9. Educate staff members and create a security culture
  10. Have data backup, recovery and breach response plans in place

One basic step toward making your data more secure is creating strong passwords for all systems within your organization. Any time you log into any system to do work, a password should be required. Passwords should be complicated so they cannot be easily guessed by hackers. Strong passwords include at least eight characters, a combination of upper- and lower-case letters, at least one number and at least one special character. Passwords should never include personal information such as names, birthdates, family members or social security numbers.

Passphrases slightly deviate from normal passwords, and they are becoming increasingly more popular. Passphrases are, according to SANS, “A series of random words or a sentence,” and they are strong and easy to remember. Simply use an entire sentence for your password, such as, “It’s beach time!” By using spaces and punctuation, you create a long password that’s hard for hackers to guess but is easy for you to remember.

Also, passwords should be changed on a regular basis and a plan should be put in place for password recovery, in the event that passwords are forgotten.

If you’d like more detail on each of our 10 data security best practices now, feel free to download our white paper on Data Security Best Practices, or contact us for more information.