How Secure Is Your Password – Doctor?


Tips on using strong passwords 

[Securing yourself from a world of hackers]

By Shahid N. Shah MS


What is at Risk?

Here are some specific tools, gadgets, cloud servers, EHRs and other reasons you should secure your passwords:

  • Fax Server – a fax server allows you to centrally manage all incoming and outgoing faxes. Since most medical practices live on fax, this is one of the fastest investments you can recoup.
  • Shared drives – start using shared drives, either with your existing software or by purchasing inexpensive “network disks” for a few hundred dollars, to share business forms, online directories, reports, scanned charts, and many other files.
  • Online backups and Internet PACS storage – there are online tools like JungleDisk.com that allow you to store gigabytes of encrypted data into the Internet “cloud” for just a few dollars a month.
  • E-mail (beware of HIPAA, though) – internal office messaging and email is a great place to start. If you haven’t started your office automation journey here, you should. If you’re going to use it for patient communications, you’ll need to make sure you have patient approvals and appropriate encryption. If you’re on Gmail today and you want customers to be able to communicate with you immediately on Gmail, that’s generally HIPAA compliant because communications between two Gmail accounts stay within the Google data center and are not sent unencrypted over the Internet.
  • E-Prescribing – e-prescribing is a great place to start your automation journey because it’s a fast way to realize how much slower the digital process is in capturing clinical data. If e-prescribing alone makes you slower in your job, EMRs will likely affect you even more. If you’re productive with e-prescribing then EMRs in general will make you more productive too.
  • Office Online and Google Apps (scheduling, document sharing) – Google and Microsoft® have some very nice online tools for managing contacts (your patients are contacts), scheduling (appointments), dirt simple document management, and getting everyone in the office “on the same page”. Before you jump into full-fledged EMRs see if these basic free tools can do the job for you.
  • Modular clinical groupware – this is a new category of software that allows you to collaborate with colleagues on your most time-consuming or most-needy patients and leave the remainder of them as-is. By automating what’s taking the most of your time you don’t worry about the majority of patients who aren’t.
  • Patient registry and CCR bulletin boards – if you’re just looking for basic patient population management and not detailed office automation then patient registries and CCR databases are a great start. These don’t help with workflow but they do manage patient summaries.
  • Document imaging – scanning and storing your paper documents is something that affects everyone; all scanners come with some basic imaging software that you can use for free. Once you’re good at scanning and paper digitization, you can move to “medical grade” document management systems that can improve productivity even more.


  • Clinical content repository (CMS) – open source systems like DrupalModules.com and Joomla.org do a great job of content management and they can be adapted to do clinical content management.
  • Electronic lab reporting – if labs are taking up most of your time, you can automate that pretty easily with web-based lab reporting systems.
  • Electronic transcription – if clinical note taking is taking most of your time, you can automate that by using electronic transcribing.
  • Speech recognition – another “point solution” to helping with capturing clinical notes; you can get a system up and running for under $250.
  • Instant Messaging (IM) – IM gives you the ability to connect directly with multiple rooms within your office using free software; if you want, you can also connect with patients and other physicians during work hours.

How to avoid the most common and dangerous passwords?







Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com



3 Responses

  1. Lack of Unique PW Risks:

    Lack of unique passwords for each member of the workforce. Sharing of passwords. Access to ePHI is not based on the job function of the workforce.

    Explanation: Passwords allow the team to gain access to information systems using ePHI. Each password has to be unique and assigned to individual users. A password given to a user, whether it is system generated or assigned, should not be shared with anyone. Users in an organization may require more or less access to ePHI based on their job function, and so all users will not need equal access to ePHI.

    Major Mitigation: Access to systems containing ePHI should be given to only those individuals who require the access as part of their job function. Additionally the access given to the workforce should be only the minimum access needed for them to carry out their job function. Users should have the privilege to change the passwords and the passwords must be changed periodically so that the passwords are not compromised in any way. Each member of the workforce should be trained on the password protection policies and should be held accountable for slippage.

    Secondary Mitigation: The workforce member’s access to ePHI must be periodically reviewed and updations made as their job functions change so as to ensure minimum access to ePHI. Access details must be documented and updated. Periodic audits must be carried out. A sanction policy must be implemented for sharing passwords.

    Success criteria: Reports from the periodic audits will show how the defined policies are carried out and how they are periodically updated. User access logs also can be referred to verify users’ access to ePHI based on their job functions.

    Shahid N. Shah MS
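
The access-log check named in the success criteria above, as an added example that is not part of the original comment: it flags ePHI access outside a user's job function, accounts that map to no workforce member, and one account active on two workstations within a short window (a sign of a shared password). The log format, role names, workstation names and the five-minute window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed policy: which resources each job function may open (assumption).
ROLE_ALLOWED = {
    "front_desk": {"schedule", "demographics"},
    "nurse": {"schedule", "demographics", "chart"},
    "billing": {"demographics", "claims"},
}
USER_ROLE = {"asmith": "front_desk", "bjones": "nurse", "clee": "billing"}

# Constructed access log: timestamp, user, workstation, resource.
SAMPLE_LOG = """\
2016-01-26T09:00:05 asmith WS-FRONT1 schedule
2016-01-26T09:01:10 bjones WS-EXAM2 chart
2016-01-26T09:02:30 asmith WS-FRONT1 chart
2016-01-26T09:03:00 bjones WS-BILL1 chart
2016-01-26T09:04:45 clee WS-BILL1 claims
2016-01-26T13:30:00 clee WS-BILL2 claims
2016-01-26T09:06:00 drew WS-EXAM1 chart
"""

def parse(log_text):
    """Yield (time, user, workstation, resource); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, user, host, resource = parts
        yield datetime.fromisoformat(ts), user, host, resource

def audit(log_text, window=timedelta(minutes=5)):
    """Return findings as (kind, user, detail) tuples in time order."""
    findings = []
    last_seen = {}  # user -> (time, workstation) of the previous event
    for ts, user, host, resource in sorted(parse(log_text)):
        role = USER_ROLE.get(user)
        if role is None:
            # Account not tied to a named workforce member.
            findings.append(("unknown_account", user, resource))
        elif resource not in ROLE_ALLOWED[role]:
            # Access exceeds the minimum needed for the job function.
            findings.append(("outside_job_function", user, resource))
        prev = last_seen.get(user)
        if prev and prev[1] != host and ts - prev[0] <= window:
            # Same credentials on two workstations almost at once.
            findings.append(("possible_shared_password", user, host))
        last_seen[user] = (ts, host)
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Findings of this kind are leads for the periodic review, not proof of sharing: a user who legitimately moves between rooms will also trip the workstation check.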


  2. Healthcare Cyber Crime

    A rise in cyber attacks against doctors and hospitals is costing the U.S. health-care system $6 billion a year as organized criminals who once targeted retailers and financial firms increasingly go after medical records, security researchers say.




  3. Cyber Update

    “Cyber criminals turn to ransomware as victims pay out.” By Lara Lackie for IT ProPortal, January 26, 2016.


    “With so many victims paying out, it is no wonder that ransomware is becoming more and more attractive to cyber criminals. Once files are encrypted, you’d better hope your backups are secure and up to date, or pay the fine and keep your fingers crossed that the files will be decrypted!” – James Miller, Managing Director at Foursys, which shared the results of an IT Security Survey.

    For HIPAA-covered entities it gets worse:

    “Cyberthugs targeting companies with ransomware based on extortion amount for data.” By Ms. Smith for Network World, January 26, 2016.


    “As if the steady rise of ransomware isn’t alarming enough, businesses that get hit with ransomware may not be unlucky targets of opportunity, but targets of choice as cyberthugs are setting ransom demands based on how much valuable data a business has.”

    Cyberthugs are aware that no personal data is more valuable than medical records. Count on it.

    Back up. Back up. Back up. Back up. Back up. Back up. Back up. Back up. Back up.

    D. Kellus Pruitt DDS

