View
1.882
Download
1
Embed Size (px)
Citation preview
What every physician needs to knoW:
cyber security best practices
1 manage your passWords
• Usestrongpasswords-mix8ormoreupperandlowercaseletters,numbers,andspecialcharacters.
• Don’tusethesamepasswordforeveryaccount.• Don’tshareyourpasswordswithothers.• Havealotofpasswords?Useapasswordmanager
applicationtocreateandstorethem.• Don’temailortextyourpasswords.Ifyoumustshare
them,doitinpersonoroverthephone.
2 maintain your softWare
• Removeapplicationsyounolongerneed.• Watchforandrespondtosecurityupdatenotices.Applythem
immediately.Theseincludeyouroperatingsystem(e.g.Windows7updates),webbrowsers(e.g.IE,Firefox,Chrome),andhelperprogramsusedtorunapplicationsandread/playfiles(e.g.Java,AdobePDFReader,Flash,QuickTime).
• Keepyouranti-virusprogramupdated,configuredproperly,andrunning.
• Encryptdataaccordingtoyourorganizationspolicies.
guard against phishing attacks
• Carefullyscrutinizelinksandattachmentsinemailsbeforeyouclickoropen.• Usebookmarkstosafelyreturntositesyouvisitfrequently.Usebrowser
functionsthatwarnofsiteswithpoorreputations.• Bewaryofalloutsiderequestsforsensitiveinformation;whetherbye-mail,
phoneortextmessage.• Independentlyverifytheidentityandauthorityofanyrequesterbeforedisclosing
sensitiveinformation,andthenonlyifthereisalegitimatebusinessneed.
3
keep sensitive information
physically secure
• Lockdocumentsawaywhennotusingthem.• Shieldinformationfromviewwhenothersarenear.• LockyourPCscreenandkeyboardwhenawayfromyourdesk
(Windowskey+LonadevicerunningMicrosoftWindows).• Keepmobiledevices(laptops,smartphones,tablets,USBsticks,etc.)
eitherwithinyoursight,orlockedupatalltimes.• Destroysensitiveinformation(hardcopyandelectronic)whenno
longerneeded.
4
avoid unsecure netWorks
outside the office
• Don’tconnecttotheofficefrompublicWi-Finetworks;useyourphone’scellulardataplaninstead.
• Ifyouconnectwhiletravelingorworkfromhome,haveyourITdepartmentsetyouupproperlywithsecureremoteaccess.
5
if you suspect a breach
• Donotpanic.Decisionsmadewithinthefirst72hoursofadatabreacharecritical,andmistakescanbecostlywithlastingeffectsonyourpractice.
• Donotturnofforrebootanysystems.Donotallowanyonetotakeanyactiononaffectedsystems.
• Recordcriticalfactsabouttheincident(dateandtimeofincident,whodiscovered,whathappened).
• Reportthesuspecteddatabreachtothedesignatedpersoninyourorganization.
6
protection for a neW era of
medicineabout tmlt:Withmorethan17,500physiciansinitscare,TexasMedicalLiabilityTrust(TMLT)providesmalpracticeinsuranceandrelatedproductstophysicians.Ourpurposeistomakeapositiveimpactonthequalityofhealthcareforpatientsbyeducating,protecting,anddefendingphysicians.www.tmlt.org
Find us on:
7