When creating a social network account, an email account, or a registration on any website, a login and password are always required. The password is part of the process of authenticating a user before granting access to certain information, and in security terms it falls under the category of confidentiality.
Software also requires a login and password, and Ninsaúde Apolo is no different. Because it is medical software with an integrated agenda and finance menu, the system is used not only by health professionals, but also by clinic administrators, secretaries, and receptionists. This implies the creation of several users, each with their own password.
A very common mistake is to build passwords from personal references, such as the name of your mother or father, a phone number, a birthday, or the name of a pet. This is a problem because a person with malicious intent who knows some of these details can work out your password and gain access to your information.
Now imagine that you are a healthcare professional and someone with malicious intent discovers the password you use to access patients' medical records. In this case, the headache will be much greater than you can imagine. In addition to your own information, this individual will have patient information at hand, which under no circumstances can be disclosed without the patient's consent, as it is expressly confidential. If this occurs, the health professional may even be prosecuted, so a more secure password can prevent this type of problem.
Another very common practice in some clinics is for the entire reception staff to use the same login and password to access the software. This is harmful in two ways. The first problem is that some people may need more or less access than others: screens would have to be released to or restricted for certain users, and with a shared login this is impossible.
The second problem concerns the history of accesses and changes made in the system. If several people use the same user, the clinic administrator will not know who added or edited a certain item, nor when and from where that person accessed the system. This information is often necessary, as you can see in our article on the access report and its advantages.
How to create a well-crafted password?
To create a secure password, mix uppercase and lowercase letters, numbers, and even special characters (!?; @). By combining all of these in a password of eight or more characters, you will have a password that is highly secure and difficult to crack by any algorithm.
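A checker for the composition rules above together with the personal-reference mistake described earlier, added here as an illustration; it is not Ninsaúde Apolo code, and the function names, the look-alike substitution set and the sample profile are assumptions.

```python
import re
import unicodedata

LEET = str.maketrans("@03$1", "aoesi")  # common look-alike substitutions (assumed set)

def _norm(text):
    """Lowercase, strip accents, keep only letters and digits."""
    text = unicodedata.normalize("NFKD", text)
    text = "".join(c for c in text if not unicodedata.combining(c))
    return re.sub(r"[^a-z0-9]", "", text.lower())

def personal_tokens(profile):
    """Strings a password must not contain, derived from the user's personal data."""
    tokens = set()
    for value in profile.values():
        tokens.update(_norm(part) for part in value.split())  # each word of a name
        tokens.add(re.sub(r"\D", "", value))                   # phone or date digits
        m = re.fullmatch(r"(\d{4})-(\d{2})-(\d{2})", value.strip())
        if m:  # birthday: also cover the usual ways of typing the same date
            y, mo, d = m.groups()
            tokens.update({y, d + mo, d + mo + y, mo + d + y, d + mo + y[2:]})
    return {t for t in tokens if len(t) >= 3}  # ignore fragments too short to matter

def check_password(password, profile):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("no special character")
    # Compare both the plain form and the form with look-alikes undone (M@ria -> maria).
    forms = {_norm(password), _norm(password.translate(LEET))}
    for token in sorted(personal_tokens(profile)):
        if any(token in form for form in forms):
            problems.append(f"contains personal reference '{token}'")
    return problems

# Constructed sample data, not taken from any real user.
PROFILE = {"mother": "Maria Souza", "pet": "Rex",
           "phone": "+55 48 99876-5432", "birthday": "1985-03-12"}

if __name__ == "__main__":
    for candidate in ("Maria1985!", "M@ria#2024x", "Ab1!", "tR7?bq;Lw2"):
        print(candidate, "->", check_password(candidate, PROFILE) or "ok")
```

Note that "Maria1985!" satisfies every composition rule and is still rejected, which is why the personal-reference check runs in addition to the character-class checks.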
Another important tip is to control access to the system, that is, to limit which resources each registered user can reach. In the medical software Ninsaúde Apolo, it is possible to apply these restrictions and place users in groups, so you can limit certain screens of the system according to the user's role within the clinic. You can find out how Ninsaúde Apolo's screen restriction works in our article on restricting users.
In this way, it is possible to prevent intrusions into the system and even malicious actions by former employees, or by current employees who act in bad faith, for example.
What is the best way to limit access?
When an employee leaves the company, the first thing to do in the system is to disable the user they used to access the software. For this reason, each employee must have their own user, as we mentioned earlier.
Concerning active users, each individual must have access only to the information that concerns them. For example, secretaries can access only the diaries, whereas the administrative sector can only access the financial control of the clinic or office, and so on.