Cyber criminals are working harder than ever during the COVID-19 public health emergency. This is no time to let down your cyber guard.
Earlier this month, the FBI Cyber Division issued a warning that any computers running on Windows 7 are vulnerable to cyberattacks. If you’ve not updated to Windows 10, it’s time to make it a priority.
If you’re not sure what version of Windows you are running, the easiest way to find out is to click the magnifying glass icon on the lower left side of your screen and type in “Windows version.” This should provide a system summary, which includes the version. For details about how to upgrade to Windows 10, check out the Windows 10 page on the Microsoft site.
Having Windows 10 installed on your laptop or computer also assists with encryption, which is needed to protect patient information. You can confirm if your computer has encryption enabled by going to Settings> System> About and scrolling to Device Encryption.
If not set up by default, Microsoft offers another built-in encryption tool called BitLocker on the Professional version of Windows. If you have the Home version, you can upgrade to the Professional version for a relatively small fee. BitLocker requires creating a second password, or key, to unlock the encrypted data, but it is straightforward to set up and is already installed on your Windows laptop. The BitLocker password should not be stored with the laptop. Other free and “for a fee” solutions exist if you can’t or don’t want to use BitLocker.
Apple devices running Mac OS X and macOS purchased in the past 15 years or so include a feature called FileVault that will encrypt the entire system. To enable, open your Mac preferences, select Security and Privacy, and turn on the FileVault encryption. It also requires a decryption password, so be sure to store your password somewhere safe in case you forget it.
It probably goes without saying, but don’t store your password on the computer you’re encrypting. Otherwise you won’t be able to access the password if you forget it.
Encrypting the devices you and your employees use for work helps facilitate regulatory compliance. This is especially true for laptops, smartphones, and other mobile devices. You can find additional information about how encryption mitigates the effects of lost or stolen devices here.
If you have other questions, contact the Texas Medical Association Knowledge Center at (800) 880-7955 or go to the HIPAA Resource Center on the TMA website.
NOTICE: This information is provided as a commentary on legal issues and is not intended to provide advice on any specific legal matter. This information should NOT be considered legal advice and receipt of it does not create an attorney-client relationship. This is not a substitute for the advice of an attorney. The Office of the General Counsel of the Texas Medical Association provides this information with the express understanding that 1) no attorney-client relationship exists, 2) neither TMA nor its attorneys are engaged in providing legal advice and 3) that the information is of a general character. Although TMA has attempted to present materials that are accurate and useful, some material may be outdated and TMA shall not be liable to anyone for any inaccuracy, error or omission, regardless of cause, or for any damages resulting therefrom. Any legal forms are only provided for the use of physicians in consultation with their attorneys. You should not rely on this information when dealing with personal legal matters; rather legal advice from retained legal counsel should be sought.