HIPAA TIP: Takeaways from Cybersecurity Awareness Month 2023

What did we learn this year about Cybersecurity Awareness and how can we apply this in our organizations and daily lives?

Instead of thinking this is rocket science or brain surgery, lets look at the basics:

  1. Use strong passwords – at minimum 10-12 characters, passphrases much better than a user’s name or personal information; do NOT use the same password for all accounts.
  2. Whenever possible enable/activate two-factor authentication (2FA) or multi-factor authentication (MFA). This provides an additional layer of security when logging into accounts or remotely logging into systems.
  3. Update software whenever available and always keep devices patched and up-to-date with security settings. Software updates protect devices from threats and outside attacks.
  4. Recognize email phishing and smishing texts. Red Flags include misspelled words, email addresses that are not familiar, content asking for something “right away” or there is a sense of urgency, and of course a request to open an attachment or click on a link. When in doubt, DELETE!

Use all resources available, educate yourself and your staff, and apply this knowledge in your personal lives as well.

HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.