In January, Anthem, the nation’s second-largest health insurer, announced that a data breach that included the personal information of approximately 80 million customers had occurred. The information included names, dates of birth, Social Security numbers, addresses, email addresses, employment information and income data. Cooper University Health Care also stores such information for its patients and is responsible for not only patient health information (PHI) but personally identifiable information (PII) and financial information–such as credit cards and insurance information. Our patients and employees trust Cooper to protect their information. Ensuring this trust is everyone’s responsibility.
You can help protect our patients’ privacy by following a few simple steps. First, create a secure password and protect it:
• A secure, complex password is one that contains at least 15 characters including upper case and lower case letters, numbers and special characters (!, @, #, $, etc.).
• Your password should not be easy to guess. For example, you should not use your birthday or your name as a password.
• No variation of Cooper should be used; e.g., Cooper1, Cooper2.
• Use a different password for each account.
• Most importantly, keep your password to yourself. Do not share it with others, do not write it down on a piece of paper or leave it where it can be easily found. Would you give your credit card to a co-worker or leave it out in your work area?
Your passwords are like the keys to your home. Just as you secure the keys to your home to keep it safe, keep your passwords secure to keep your information safe. In the Anthem hack, the hackers gained access to the database after they cracked a weak password.
Second, be careful when using email. Hackers may send emails that look like they come from legitimate sources such as your bank or even your own employer. They may claim that you need to click a link included in the email to confirm your username and password or other personal information. This type of hacking is called “phishing.” Be on the lookout for spelling and grammar mistakes, generic greetings such as “Dear Customer,” threats to close your account if you do not respond immediately and requests for your personal information. If you do receive a suspicious email, do not reply to it; just delete it. If you are concerned the email may be legitimate, the best thing to do is to contact the sender directly and by phone. The Anthem hackers used phishing as the initial attack into Anthem. Did you know that since the beginning of the year, several Cooper employees were victims of phishing schemes? Don’t let it be you!
Third, secure your workstation and your papers. Once you log in to the computer, you have access to Epic, Flowcast and other clinical applications as well as private documents on the Cooper internal Portal website and file servers (the S and W drives). When you walk away from your computer, please lock it or log off. Papers need to be secured as well. Please ensure they are not left where someone could walk by and see them or take them.
You are the key to keeping our patient and employee information safe and secure. Please keep these things in mind at all times when using and accessing information.
Should you have any questions or concerns, please contact the Information Assurance Department at 856.536.1317.
Comments are closed, but trackbacks and pingbacks are open.