Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

Is your email safe?

Disclaimer: This blog article was written by an AdvancedMD partner. The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the official policy or position of AdvancedMD.

Have you ever received an email from somebody who you know and trust, only to find that the email did not come from your friend?

Have you ever received ‘bounce’ emails related to emails you never sent?

How does a hacker find an email address and then get access to an email account?

Just a few days ago, Cybernews reported the largest compilation of emails and passwords were leaked on a public forum. “More than 3.2 billion unique pairs of cleartext emails and passwords have just been leaked on a popular hacking forum, aggregating past leaks from Netflix, LinkedIn, Exploit.in, Bitcoin and more.”

Is your email address and password in the list of emails that have been breached? Cybernews has a checker that will tell you.

Password management and password security are just on part of a good HIPAA security plan. If your email is in that list, then hackers may have access to your email account. Now is the time to take steps to protect yourself and those you share email with. The key to email security is passwords.

Changing Passwords

You should have a policy at your practice (and in your personal life) that passwords should be changed on a regular basis. Once a year at minimum, once every three months is much better.

Using Strong Passwords

A strong password is a password that is at least eight characters long, has upper case letters, lower case letters, numbers and special characters (numbers shifted).

Do Not Reuse Passwords

If you have multiple accounts, make sure that you have a different password for each account. If you use the same password for all of your accounts, then if a hacker has one of your passwords, the hacker has all of your passwords. Having different passwords for different accounts can be a daunting task, but password managers can help with that. A password manager is a secure program that creates a unique password for each website you access. This way is one website is breached, only that one complex and unique password is breached and your entire identity is not at risk.

Use 2-Factor Authentication

Two-factor authentication is a process by which you need more than just your password to log into a system. If you are participating in the MIPS program and have an account at qpp.cms.gov you are already familiar with 2-factor authentications. One type of 2-factor authentication involves text messages. After you enter you correct username and password, you get a screen asking you for your authentication code. The service you are trying to log onto sends a code via text to your smart phone and you must type that code into the web browser to log onto your account.

Now is a good time to look at all of your accounts and determine if they support 2-factor authentication (also referred to as 2FA). If that is available, it is in your best interest to turn it on. If a service, you utilize does not offer 2FA, now is a good time to ask why.

Many security breaches are related to weak passwords and passwords that are reused. Following the simple steps in this article can help to improve security at both your practice and in your personal life.

For more information on password security and implementation of a HIPAA security plan at your office, please contact TLD Systems at tldsystems.com, [email protected] or call (631) 403-6687.

Michael Brody, DPM
Dr Brody has been actively involved in Computers and Medicine since the 1980’s. Dr Brody as a Residency Director at a VA hospital on Long Island and was present as the VA moved from paper records to computerized records. During this time, he was exposed to the stringent rules and regulations that government employees need to adhere to when protecting patient information. He co-founded TLD Systems with Warren Melnick to create a platform that doctors who wish to work in private practice have a cost-effective method of implementing HIPAA compliance in their practices in a manner that does not interfere with their ability to practice medicine. He has served on the Health Information Technology Standards Panel (HITSP), the Standards and Interoperability Framework (S&I), as a member of the Ambulatory Care Committee at the Certification Commission on Health Information Technology (CCHIT), and numerous other organizations. He is currently a member of the Physicians Committee at the Healthcare Information and Management Systems Society (HIMSS) and a co-Chair of the EHR workgroup at Health Level Seven International (HL7)


Other Resources Related to This Topic

No results found

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›