Here are 5 ways to prevent human error in cyber security (and become a more secure workplace)


#1 Up your password security game!

Never ever SHARE your passwords with anyone (not even your BFF!).

Recipe for a strong password… one number one letter one uppercase letter must be at least eight characters long

Passwords should be difficult for someone else to remember

Use different passwords for each account. That way, if your password is ever compromised it’s only for that one service, not for all your accounts.


#2 Baby your data! It’s sensitive, so be careful.

Be careful you’re not accidentally sending sensitive data to the wrong person.

And never email Patient Health Information (It’s a HIPAA violation!)


#3 Invest in adequate software security.

Always make sure your computer and software are up-to-date, otherwise you could be open for an attack.

Don’t close those pop-up software update reminders… you need to actually click YES to stay safe.


#4 Beware of phishing scams.

“Phishing” is when cyber-criminals send you emails that look like they are legitimate or from reputable companies to lure you to reveal personal information like passwords and credit card numbers.

Don’t click on links or attachment files from suspicious senders.

And only use USB sticks that belong to you.


#5 Know that “default” security settings are not enough.

At MHIN, we know “default” is the bare minimum.  So we go above and beyond to keep our system secure.

Do you want to go the extra mile?

  • Use BitLocker Drive Encryption to protect your files from hackers
  • Require a Windows password
  • Require mobile and personal devices to login on guest networks
  • Use a professional service to destroy all hard drives that could have ever contained sensitive material.
  • Use secure, HIPAA certified and license-based email or text messaging systems to communicate patient information.
  • Ban social media use from your secure network.
  • Provide additional training to your staff to make them experts on phishing and email scam detection
  • Shred documents that contain sensitive material, do not just throw them in the trash.
  • And lastly…. access to data should be limited to the level required for a person’s work, nothing more.


If you have any advice you’d like to share, comment below or email us at MHIN is an Indiana-based nonprofit Health Information Exchange.

Our mission it to turn data into insights to improve health for our families, neighbors, and friends by connecting our healthcare community.