You play an important role in keeping your organization’s sensitive information secure. Make a habit of following these best practices to reduce the risk of a breach of sensitive information. Keep this list handy for future reference.
1. Manage your passwords
• Use strong passwords - mix 8 or more upper and lower case letters, numbers, and special characters.
• Don’t use the same password for every account.
• Don’t share your passwords with others.
• Have a lot of passwords? Use a password manager application to create and store them.
• Don’t email or text your passwords. If you must share them, do it in person or over the phone.
2. Maintain your software
• Remove applications you no longer need.
• Watch for and respond to security update notices. Apply them immediately. These include your operating system (e.g. Windows 7 updates), web browsers (e.g. IE, Firefox, Chrome), and helper programs used to run applications and read/play files (e.g. Java, Adobe PDF Reader, Flash, QuickTime).
• Keep your anti-virus program updated, configured properly, and running.
• Encrypt data according to your organization’s policies.
3. Guard against phishing attacks
• Carefully scrutinize links and attachments in emails before you click or open.
• Use bookmarks to safely return to sites you visit frequently. Use browser functions that warn of sites with poor reputations.
• Be wary of all outside requests for sensitive information, whether by e-mail, phone or text message.
• Independently verify the identity and authority of any requester before disclosing sensitive information, and then only if there is a legitimate business need.
4. Keep sensitive information physically secure
• Lock documents away when not using them.
• Shield information from view when others are near.
• Lock your PC screen and keyboard when away from your desk (Windows key + L on a device running Microsoft Windows).
• Keep mobile devices (laptops, smartphones, tablets, USB sticks, etc.) either within your sight, or locked up at all times.
• Destroy sensitive information (hard copy and electronic) when no longer needed.
5. Avoid unsecure networks outside the office
• Don’t connect to the office from public Wi-Fi networks; use your phone’s cellular data plan instead.
• If you connect while traveling or work from home, have your IT department set you up properly with secure remote access.
6. If you suspect a breach
• Do not panic. Decisions made within the first 72 hours of a data breach are critical, and mistakes can be costly with lasting effects on your practice.
• Do not turn off or reboot any systems. Do not allow anyone to take any action on affected systems.
• Record critical facts about the incident (date and time of incident, who discovered it, what happened).
• Report the suspected data breach to the designated person in your organization.
Protection for a new era of medicine
About TMLT:
With more than 17,500 physicians in its care, Texas Medical Liability Trust (TMLT) provides malpractice insurance and related products to physicians. Our purpose is to make a positive impact on the quality of health care for patients by educating, protecting, and defending physicians. www.tmlt.org