A Guide to Password Management in Healthcare

This is how healthcare companies can seamlessly implement a password manager for their teams.

Organizations within the healthcare sector, including clinics, hospitals, and insurance companies, are one of the top targets for hackers.

Patient health information (PHI) is highly valued on the dark web, and healthcare organizations maintain an abundance of patient records. On average, these companies manage over 500 accounts, giving employees in the healthcare industry access to roughly 11 million patient files.

Government mandates and user trends have increased the need for electronic health records (EHRs), remote patient care, and telehealth platforms. It’s no wonder that ransomware attacks, phishing scams, and stolen credentials have skyrocketed in the industry. In fact, over 70% of healthcare providers surveyed by the Healthcare Information and Management Systems Society (HIMSS) reported a security incident in 2021, with an average cost of $9.23 million globally.

Such an enormous amount of sensitive data requires a reliable management system that is secure from hackers yet easy for employees to navigate. Because healthcare is a demanding industry, it’s necessary to find tools that alleviate employee workloads rather than add to them. Dashlane is user-friendly, offers seamless onboarding and will immediately start saving your employees time. 

The right password manager can ensure that patient records are protected by helping employees create strong logins, monitoring the dark web for compromised passwords, providing visibility over who has access to sensitive info, and tracking progress over time. 

While this can feel like an overwhelming task, especially considering the magnitude of patient records and accounts, Dashlane offers all the necessary tools for healthcare companies to easily implement a password manager. 

Here’s how your organization can get started. (And, if you need motivation, read about how this hospital with over 3,200 employees transformed their security culture and created more time for patient care.) 

Understanding your login ecosystem

Risks of breaches and hacks increase with each unsecured account. Often, the culprits are reused passwords, shared logins, and a lack of multifactor authentication.

To begin securing your accounts, consider all of the logins your organization uses. Here are some common accounts used in the healthcare industry, including inter-office communication tools and telehealth platforms: 

  • AmWell Š
  • Backline Š
  • CureMDˆ Š
  • Doximite Š
  • DrChronoƒ 
  • eClinicalWorks Š
  • Epic
  • Epocrated Š 
  • LiveHealth OnlineŠ 
  • MedChat™ Š
  • Microsoft Teams Š 
  • Medscape Š 
  • OnPage Š 
  • Zoom

Next, fill out a chart similar to the one below to understand the status of your company logins before you transition to a password manager. 

Account Owner Is this login shared?  Y/NHow is it shared? Is 2FA set up?  Y/NIs this password used for other accounts?  Y/N
Epic  Jane DoeSpreadsheet 

The power of a password manager

Once you’ve audited your organization’s many accounts and logins, you can store them in a password manager, and replace any weak or reused passwords. From there, employees will benefit from Dashlane’s features including:

  • Autofilled passwords, usernames, and 2-factor authentication (2FA) codes across the web and all devices
  • Logins that automatically save while employees browse the internet 
  • Secure sharing of employee passwords and 2FA codes 

Easy onboarding and offboarding

Dashlane provides video tutorials, live chat support, and templates for onboarding and offboarding employees, making it easy for organizations to get started. 

Essential features

Dashlane supports single sign-on (SSO), so employees can sign in and access a variety of software with one set of credentials. Additionally, with Smart Spaces, employees can create both a work and personal account with separate logins for each. 

Advanced features

In addition to the basics, Dashlane offers features that will improve the culture of security at your organization, track your overall password progress, and help prevent future hacks and breaches. In a strong security culture, employees are encouraged to be an active participants in the company’s overall cybersecurity. They also understand that a reused or easy to guess password is the weakest link when it comes to protecting patient and employee data.

Here are some advanced tools to use: 

Dark Web Monitoring: Dashlane’s Dark Web Monitoring scans the dark web for compromised passwords and logins and alerts employees if any are found. Employees are then immediately prompted to change their exposed passwords. 

Password Health score: A Password Health score is generated for all employees, taking into account any weak, reused, or compromised passwords. Through the Admin Console, IT admins can gain insight into the overall password health of the organization and become aware of any at-risk employees so they can encourage them to create strong, unique passwords. 

Learn more about the benefits of a password manager in our Password Playbook for Healthcare Providers.

    Dashlane

    Dashlane is a web and mobile app that simplifies password management for people and businesses. We empower organizations to protect company and employee data, while helping everyone easily log in to the accounts they need—anytime, anywhere.

    Read More