Lesson about Passwords after Theft of 16,000+ UCLA Patient Records
Updated – Oct. 20, 2012
Unfortunately, we’ve learned another lesson about passwords at the expense of 16,288 patients who’ve been treated at UCLA’s network of hospitals and clinics. The patients’ sensitive information are in the wrong hands following a burglary of a doctor.
The information was on the computer hard drive stolen from a doctor’s home, according to an article in the The New York Times (U.C.L.A. Health System Warns About Stolen Records).
Medical records of the patients included addresses, birth dates and medical information covering July 2007 to July 2011.
The possible good news: The personal medical data was encrypted.
But the alarming news: A piece of paper containing the password to the medical records was missing from the doctor’s home.
“Rule 1 is never write down passwords,” warns nationally known security expert Dr. Stan Stahl, of Citadel Information Group in Los Angeles.
“Rule 2 is – if you’re going to break Rule 1 – do it securely,” he adds.
“If you must write a password down, write it on a piece of paper the size of a credit card and keep it in your wallet with your credit cards and your driver’s license,” explains Dr. Stahl. “And just write the password: write ‘15Blah-blah-blah’ not ‘my laptop password is ‘15Blah-blah-blah’.”
You can get more of Dr. Stahl’s insights on his security blog and his Web site.
(Note: Dr. Stahl is a fellow member of Consultants West, www.consultantswest.com, a roundtable of veteran consultants in the Los Angeles area.)
From the Coach’s Corner, here are additional cybersecurity tips:
- Most Small Businesses Make You Vulnerable to Credit Card Fraud, ID Theft – Study
- Cyber Security: Is Your Business Prepared with Precautions and Response Philosophy?
- Security Precautions to Take Following Citibank’s Second Reported Online Breach
- Our Mobile-Banking Warnings about Security Prove Prophetic
“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”
-White House Cybersecurity Advisor, Richard Clarke
Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.
