Creating a Strong Password for HIPAA

October 20, 2012

HIPAA Password Security
Though it might be enticing to use your pet’s name or your street name, you may be making your accounts more susceptible to a potential security breech. In order to maintain the privacy of patient data particularly when using an EMR, I have compiled a list of items to help you have the strongest possible password.

Creating a Strong Password
A general rule of thumb is the longer the password the harder to crack. All Valant passwords must be at least 6 characters.

* Character Types: Strong password usually include a mix of capital and lowercase letters in addition or numbers and alternative symbols (?, $, and %).

* Challenging: Try thinking of your password as more of a passphrase. Try substituting numbers for letters. Additionally, thinking of a phrase and converting it to be more difficult.

(Examples: 8 =B, 3= E)
(Example: I love using the Valant EMR for my practice = i#UtV3MRfmp!)

* Extra Protection: I cannot stress enough the importance of not sharing or exposing your password. Do not write down your password. If you experience difficulty remembering your passwords write an ambiguous hint to trigger you memory. Never store passwords electronically. Change your password often: we recommend every 2-3 months.

Avoid

* No Words: This includes proper nouns, foreign words even words spelled backwards.

* No Reusing Passwords: Using the same password on multiple accounts can make all of your information more vulnerable

* No Personal Information: Avoid using information that easily guessed; ex. address information, birth date, pets name.

A strong password could be one step that helps protect you and your practice against unauthorized access to your patient’s electronic health information (ePHI). It’s one small item that can make a very big difference.

AUTHOR: Micah Adler

Last Updated: January 19, 2018