By M. Thomas Langan II.
A recent government report criticized the current electronic health record certification process for failing to require strong passwords. These vulnerabilities make it easier for hackers to penetrate electronic health record (“EHR”) systems and access patient records. The report comes amid a study that many patients are reluctant to divulge their information when their physician uses EHR out of fear of their data’s security. Despite the current lax requirements, it is recommended that all passwords be at least 8 characters long and contain 3 of the following: capital letters, lowercase letters, numbers and special characters and are changed at least monthly.
The government’s report can be found here: http://oig.hhs.gov/oas/reports/region6/61100063.asp
The study can be found here: http://jamia.bmj.com/content/early/2014/07/24/amiajnl-2014-002804.abstract
© 2014 Parsonage Vandenack Williams LLC
For more information, Contact Us