The following eight items are just some of the best practices the health care industry uses to safeguard protected health information (PHI) and other types of sensitive information.
- Make sure team members have individual user accounts while using your network. Ensure the user specific rules and roles are defined and applied to your network.
- Use both off-site (cloud) and on-site backup to protect your data so that no matter what happens, you always have a good backup in place.
- Limit or block personal use of computers at your workplace.
- Train all team members to never click on an email unless they are expecting it. If you receive an email that you’re not expecting, call the sender to confirm it came from them before clicking on anything within the email.
- Have a password policy that requires team members to change their passwords on a consistent basis and encourages them to use different passwords for different applications.
- Use two-factor authentication with your accounts (especially email) whenever possible.
- Anytime you plan to send an email that includes PHI or other types of sensitive business information, make sure to use a secure email solution. Don’t just send via regular email.
- Make sure to use a quality anti-virus program and firewall for your business.
While these best practices can’t ensure you’re 100 percent protected, they will make it more likely that you’re protected when your business needs it most.
