You have probably already heard about some healthcare data breach and, hopefully, your data wasn’t affected in such a breach.
In addition to hacking big hospitals and health systems, hackers are also on the lookout for our personal health data. And with the growing number of various digital health tools and services, it seems easier for them to get their “fix” than ever.
On your end, you can do a few things in order to protect your healthcare data. Here are 5 things we suggest:
1. Strengthen your authentication
Set up two-factor authentication wherever possible. If you can, add biometrics to mix – like your fingerprint or your face, which you already may be using to unlock your phone.
There is SMS-based two-factor authentication as well as the one that relies on so-called authenticator apps. These apps generate a random number that you put into the app or website (in addition to your username & password) for an added security.
Also, use strong passwords and password manager software. There are great solutions out there – you just have to try them out.
2. Encrypt your data
Make your personal health data is unreadable to anyone except authorized users. This is accomplished with encryption and it should be applied to all your health-related documents, images, messages and other relevant data.
For what it matters, technical safeguards as defined by the HIPAA Security Rule are meant to govern the access to electronic protected health information and include the following specifications:
- Unique user identification
- Emergency access procedure
- Automatic log-off
- Encryption and decryption
3. Create an audit trail
If you’re not the only one using your devices and have access to data, make sure to know who accessed it/them and when. This will help you produce and maintain the so-called data audit trail which is required by the HIPAA Final Omnibus Rule.
Administrative safeguards are also regulated through the HIPAA Security Rule to protect personal health information. These policies require you to:
- Identify pertinent information systems
- Conduct a risk assessment
- Implement a risk management program
- Obtain IT systems and services
- Craft and deploy policies and procedures
- Develop and execute a sanctions policy
4. Know how to dispose of old equipment
You may no longer need a laptop – you got a better one, but you should know what to do with your old gear. The first thing that comes to mind is to erase everything on the hard drive of that old computer. Then, and only then, can you safely send it to recycling or give it to someone who needs your old gear.
And the same goes for any software and services you are no longer using – make sure to delete all personal data so it couldn’t get into the wrong hands.
5. Use a VPN
A VPN will automatically encrypt all data coming to and from your devices and the rest of the Internet. And by doing so, it will make it impossible even for savvy hackers to snoop into your traffic to potentially get ahold of your personal health data. There really is no reason to make life easier for them.
As always, we suggest visiting our page with Best of the Best VPNs and finding the solution that works for you. All services on that list have been field-tested for years and will have your back no matter what you’re up to. So pick a VPN from that list and never look back.