Important: New password security guidelines for customers

Ken BellSecure News, SimpleLTCLeave a Comment

SimpleLTC password security requirements

You’ve no doubt heard by now about the massive Equifax data breach, which exposed the private data of 143 million Americans. In addition to high-profile consumer data attacks like this, the occurrence of data hacks on healthcare providers has been on the rise, including more than 80 attacks so far in 2017. Unfortunately, hackers see healthcare companies as juicy targets due to the sheer volume of data they house, plus the fact that security protocols are often less stringent than banks or credit agencies.

From our earliest days, data security has been extremely important to SimpleLTC. Protecting the MDS and PBJ data of our SNF customers, and the protected health information (PHI) of residents, is of prime importance. In fact, we believe we must be more secure than banks, because we are not only protecting your organization’s vital data, but the private PHI of all your residents.

As part of our ongoing security efforts, SimpleLTC is continually working toward new security standards and certifications that will protect our customers’ data even further. With those goals in mind, we’ve initiated some new password rules. Here’s what you need to know…

New SimpleLTC password guidelines now in effect

  • Password history is stored. Whenever you create or change passwords, we store the information for the past six versions in our system. This helps us avoid issues that might lead to reuse of passwords or other issues that might invite hacking.
  • You cannot reuse any of your previous six passwords. When you update your password, the system will no longer allow you to duplicate any of your past six passwords. This helps prevent a potential hacker from trying to use a previously valid password.
  • IMPORTANT: You cannot change your password more than once within 24 hours. Once you’ve changed your password, the system will not allow you to do so again within 24 hours. So if you’ve forgotten a password you just changed, you’ll be unable to log into SimpleLTC until 24 hours have elapsed and you can update the password again. Therefore, it’s very important that you store your password in a safe place (see recommendations below). While this may seem like an inconvenience, it’s an important security protocol that prevents hackers from using multiple password reset attempts in a short time period.

Important recommendations to keep in mind

  • Use a strong password. SimpleLTC requires passwords to be a minimum of eight characters long, with at least one lowercase letter, one uppercase letter, and one number. Here are some basic guidelines for creating a strong password. Also, a longer password is more secure than a complicated password (here’s why).
  • Do not reuse passwords. Our system will prevent you from reusing any of your previous six passwords. However, it’s a good idea not to reuse any of your old passwords.
  • Important: Store your password in a safe place! As mentioned above, you can be locked out of SimpleLTC if you try to reset your password more than once in 24 hours. Whenever you create a new password, record it and store it in a safe place.
  • Consider using a secure password manager. If your organization allows it, consider simplifying your password management with a tool such as LastPass, Dashlane, KeePass, or others.

Note: If your company utilizes single-sign on (SSO) functionality to access SimpleLTC software, the new guidelines will not affect you.

Thanks for helping us secure your important MDS and PBJ data! If you have any questions, please contact our Support Team.

Leave a Reply

Your email address will not be published.