Accessing Protected Health Information that is found in your client records in FOCUS is serious business.  Make sure you have a strong password and PIN, just like you need for your bank, credit cards and ATM machines.

STRONG passwords have the following characteristics:

  • Contain at least three of the five following character classes:
    • Lower case characters and Upper case characters
    • Numbers
    • Punctuation
    • “Special” characters (e.g. @#$%^&*()_+|~-=\`{}[]:”;'<>/ etc)
  • Contain at least fifteen alphanumeric characters.

Consider using the first letter of each word in a phrase, like “I like to ride horses at the farm” with numbers, capital letters and special characters, ex. Il2rh@tf316

There are apps to help store passwords protected – like MiniKeePass, 1Password, and many others.

WEAK passwords have the following characteristics:

  • The password contains less than fifteen characters
  • The password is a word found in a dictionary (English or foreign)
  • The password is a common usage word such as:
    • Names of family, pets, friends, co-workers, fantasy characters, etc.
    • Computer terms and names, commands, sites, companies, hardware, software.
    • Birthdays and other personal information such as addresses and phone numbers.
    • Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.
    • Any of the above spelled backwards.
    • Any of the above preceded or followed by a digit (e.g., secret1, 1secret)
  • PLEASE, do not make your password the word Password!! or any variation of it.

General Guidelines

  • Always use a different passwords for FOCUS accounts from personal accounts (e.g., email, social media, websites, etc.).
  • Do not share your password with anyone. All passwords are to be treated as sensitive, confidential information.
  • Passwords should never be written down or stored on-line without encryption/password protection.
  • Do not reveal a password in email, chat, or other electronic communication.
  • Do not speak about a password in front of others.
  • Do not hint at the format of a password (e.g., “my family name”)
  • Do not reveal a password on employment forms or questionnaires.
  • Always decline the use of the “Remember Password” feature of applications (e.g., Chrome, Outlook, Messengers). 
If an account or password compromise is suspected, change your password!

Selecting a Strong PIN

DO

  • Select a number memorable enough for you to remember but difficult for others to get. For instance, the day you got your favorite dog or your SAT math score would hold significance for you but it wouldn’t show up in your records.
  • Use a random four-letter word and figure out what numbers it translates into. For example, “sock” translates on your mobile phone keypad into  ‘7625,’ which doesn’t follow any specific pattern.
  • Do use the “cellphone friend” strategy for remembering a PIN (recording it in your phone under a fictitious friend’s name plus some extra numbers)– but only if you can memorize it or have a backup record in case your phone gets stolen.
  • Do beware of shoulder surfers when entering your PIN to unlock your phone in public, and if entering your PIN to make debit card transactions at the gas station and stores.  Watch out for suspicious objects at the ATM, and report anything unusual to your bank.

DON’T

  • Don’t choose a year, like your birthday or anniversary, for you or other family members. Anyone who is able to access your personal information can easily pick up these significant dates and use them as first options.
  • Don’t use any other numbers that give information about you, such as your phone number, license plate number or Social Security number
  • Don’t repeat numbers, like 1111, or choose something that goes in order, such as, 1234, 6789, 2468, etc., as they too can easily be guessed.
  • Don’t let anyone else know what it is. If you need to do so for some emergency reason, be sure to change your PIN as soon as possible.
  • Don’t write down your PIN on documents that you often carry around, in your wallet, and especially not on your ATM or credit card. That’s all someone needs to clean out your bank account.
  • The longer the better, make it at least 5 numbers.

Leave a reply

-->