What Doctors Wish You Knew About HIPAA and Data Security

/in


A former Department of Homeland Security adviser and a doctor, Chris Pierson is CEO of BlackCloak, a company that specializes in personal digital protection from financial fraud, cybercrime, reputational damage, and identity theft. He believes vigilance is key for doctors and patients alike.

Protect Your Entire Family

“I don’t think people realize that once someone is able to get just one piece of information, that can lead to opening others’ private data,” Pierson says. “It’s no longer the original individual on their computer, but additional family members’ identity that can be compromised.”

He explains that even if one organization keeps your data safe, another associated one may not, and that’s where criminals will strike. 

“It’s not just medical offices. It’s your pharmacy, labs, insurance company, anyone who keeps personal information. That has real value, and selling it is the priority.”

Victims of identity theft can be revictimized when personal information gets into multiple hands. A street address and verified phone number can go far, especially if the phone contains many contacts, who then become vulnerable to attack themselves.

“If you get Mom’s info, you can get the child’s as well. An ID card, social security, all of it, and then they have the ability to collect false medical claims or just extortion. It’s a two for one.”

Two-Factor Authentication Is Worth the Effort

Pierson mentions how critically important it is to use a multistep authentication system. Your level of protection goes up considerably just by using secure passwords and one-time authentication codes.

Thankfully, setting all this up is easier than it sounds. Apps on your phone or tablet can help. Google Authenticator, when paired with a service that supports authenticator apps, provides a six-digit number that changes every few seconds and can keep people out of your data even if they have your username and password. Other companies ask users to enter an SMS code as the second authentication factor, in addition to a password, although SMS codes are less secure than authenticator apps. Either approach is better than none—unless a hacker is in physical possession of your…

Source…