Patient Data Security: The Top 5 Questions for Healthcare Providers

Securing patient data is no easy challenge. With the New Federal Act on Data Protection (nFADP) coming into effect in September, we thought it would be the right moment to give you 5 easy questions to improve your patient data security.

“Don’t use passwords like Password123 or your cat’s name.” You may have heard this before. Yet this type of password is still the most commonly used security code in the world! For the best possible security, we advise you to always use strong passwords. Concretely, your password should be at least 12 characters long, with numbers, letters, and special characters.

Such a password may seem tedious to remember, but don’t worry! Password managers exist and can even generate passwords for you. If Google offers a free service, other managers will offer more security options.

We also recommend enabling two-factor authentication wherever possible. This option will improve security since you will need a code (usually sent by SMS) in addition to your strong password.

Finally, don’t forget that a password is only useful if you have to enter it, so lock your computer or smartphone as soon as you leave them! This is valid even if it’s just to go to the bathroom. An unlocked computer can allow anyone nearby to view private data. In the worst case, someone could have access to your entire computer.

It can be very tempting to postpone an update. We either don’t want to wait or believe it is already the tenth of the month. However, the security of medical data also involves updating your software. Updates will fix many security vulnerabilities.

Do you need to communicate sensitive data or write an email to a colleague? Don’t forget to encrypt the data! This makes the data unreadable to someone who steals it. Most messaging programs already have encryption built in, but you have to make sure it is activated. Don’t forget to encrypt attachments too! If you are unsure about whether your messaging system offers the option, a quick detour on Google should give you the answer.

The security of medical data also involves the storage of this data. Regardless of where your patients’ data is stored, make sure it is stored securely! The host should have sufficient security, and the data should only be accessible by those who are entitled to it. Also check that the host has a secure data backup system in place. Finally, make sure the data is stored in Switzerland for legal reasons.

Indeed, in addition to being useless to you, information that is not necessary to treat your patient is more sensitive data that you will need to protect. Also, we advise you to get rid of data as soon as you no longer need it. If it is common to keep medical data for 10 years, the question to ask oneself is whether certain data is worth keeping after this period.

First of all, congrats! This is an excellent first step! These simple questions can easily help you avoid major data security problems. However, simply paying attention to these few points is not enough to be fully secure. Although there is no such thing as zero risk, surrounding yourself with partners whose security has been proven can help. Don’t hesitate to seek the assistance of specialists in the field.