Research by the UK’s National Cyber Security Centre (NCSC) found that despite warnings, people are still using weak passwords that are easily breached. While individuals might lose personal and financial information, practices have responsibility for hundreds of sensitive patient records. Is your practice protected?
What are the stats?
The NCSC found that the most commonly breached password is 123456 – used by more than 23 million accounts that had been hacked.
Apart from the obvious ‘qwerty’ and ‘1111111’, other commonly hacked passwords include names, music acts, football teams and fictional characters. The most popular being Ashley, Liverpool, Blink182 and Superman.
The NCSC UK Cyber Survey found:
- 45% of people surveyed do not always use a strong, different password for their main email account.
- 30% know little or nothing at all about protecting themselves online
- 16-34 year olds believes their know the most about cyber security
- One in three rely to some extent on friends and family for help on cyber security
- 21% use a password manager to save passwords on a smartphone or tablet
- 35% regularly turn on and use two-factor authentication on their email
- 70% always use PINs and passwords for smart phones and tablets
- A quarter of respondents regularly save passwords in their web browser
What does this mean for healthcare practices?
Medical and dental practices are high on the list of targets for Cyber hackers, who want access to lucrative sensitive patient records. This information cannot be changed like bank accounts and credit card details can.
As human error is the biggest weakness in protection against Cyber crime, making sure that your team use strong passwords and follow online security advice is vital.
We’ve talked extensively about where your vulnerabilities lie within your practice. Your email system is one of the most common access points for hackers, from breaching passwords to phishing scams.
With the cost of Cyber attacks continuing to increase, now is the time to consider a dedicated Cyber security risk management plan – ideally including Cyber liability insurance.
Advice and guidance on Cyber security
Here is some advice on how to keep your passwords safe, including some guidance from the NCSC on protecting your online accounts.
- Create passwords using a combination of three random but easy to remember words.
- Don’t use the same password for different accounts.
- Turn on and use two-factor authentication for your main email account.
- Your main email account will give hackers access to breach many of your other accounts – it is imperative that you have a separate, hard to hack password.
- Don’t share passwords – not even with friends, family or colleagues.
- Ensure your team completes Cyber security training and understands their responsibilities in keeping patient data safe.
- Install the latest security updates for IT systems.
- Read guidance from NCSC on their website.
Protect your practice with Cyber liability insurance
If you are looking for help with Cyber protection, as well as financial and professional support in the case of a Cyber attack on your practice, contact the All Med Pro team to find out if Cyber Liability insurance is right for you.