Skip to main content
Meet Us at GHPCO 2026 - Global Healthcare InnovationMarch 15-18, 2026|Meet Us at GHPCO 2026 - Global Healthcare InnovationMarch 15-18, 2026
Best Practices

HIT Security Issues in 2017 - Password Management

The first line of defense in preventing hacking is a secure password. Unfortunately, IT administrators and website security and management companies know that educating their users on the definition and necessity of a strong password often falls on deaf ears. Most users opt for convenience and familiarity when they aren’t forced to change passwords that contain strong character and symbol combinations frequently.

2 min read
|password settings for healthcare devices and programs

The first line of defense in preventing hacking is a secure password. Unfortunately, IT administrators and website security and management companies know that educating their users on the definition and necessity of a strong password often falls on deaf ears. Most users opt for convenience and familiarity when they aren’t forced to change passwords that contain strong character and symbol combinations frequently.

One Easy Way to Protect your Healthcare Infrastructure and Data

In a recent article, CIO Senior Writer, Sharon Florentine explains that “Cybersecurity professionals will struggle to protect critical infrastructure, connected systems and remotely accessed systems and devices while weak password practices remain the norm.”

password settings for healthcare devices and programs

At QliqSOFT, we’ve made it convenient for admins to customize and enforce security policies on our secure texting messaging platform, based on the need of their particular organization. Through our browser-based dashboard, admins can customize the number of total characters, uppercase letters, numbers, and special characters. Enforcement of password strength can even be required. Using this setting, users are prevented from choosing passwords that do not meet the predetermined criteria. Additionally, password expiration can be set to any length of days desired before users are forced to create a new password. One last bit of security prevents users from reusing previous passwords based on the admins' preference.

Desktop & Mobile Text Messaging Security

Even with this level of control, organizations may still opt for convenience over security. To ensure that messages don’t get into the hands of hackers, we do not show messages in the browser, which is the most common hackers access data after acquiring a password. Next, we expire messages frequently. Only the last few days worth of messages, not the entire history of messages are accessible. This minimizes the impact of the breach. Finally, we provide administrators and users a convenient way of locking the app and wiping the data.To learn more about how QliqSOFT approaches security, request a free demo HERE.

Frequently Asked Questions

Find answers to common questions about this topic.

A secure healthcare password should contain a combination of uppercase letters, lowercase letters, numbers, and special characters. Healthcare organizations should enforce minimum character requirements and prevent users from reusing previous passwords to maintain HIPAA compliance.

Healthcare organizations should set password expiration policies based on their risk assessment, typically ranging from 30 to 90 days. Frequent password changes help protect patient health information (PHI) from unauthorized access if credentials are compromised.

Healthcare professionals often prioritize convenience and workflow efficiency over security measures. Without mandatory enforcement policies, users typically choose familiar, easy-to-remember passwords rather than complex combinations that meet security standards.

Healthcare messaging platforms should implement message expiration, avoid displaying messages in browsers, and provide remote data wiping capabilities. These layered security measures help minimize the impact of potential breaches and protect PHI.

IT administrators can use centralized dashboards to customize password requirements, set automatic expiration dates, and prevent password reuse. Enforcement settings should prevent users from creating passwords that don't meet predetermined security criteria.

Ben Henson

Written by

Ben Henson

Healthcare IT Specialist

Healthcare IT specialist with expertise in HIPAA compliance and secure messaging.

View all posts

Related Articles

Picture of password management graphic for HIMSS 2018
Best Practices

What’s Your Password Management Strategy? Learn Best Practices at HIMSS 2018

Password management for the enterprise can be complex. It’s also often ineffective in decreasing cybersecurity risk. The National Institute of Standards and Technology (NIST) has long been the authority on password management. For decades, NIST did not make any significant changes, until now. If you are unfamiliar with the new guidelines or want to learn more about how they should impact your password management strategy, then join us at HIMSS.

Ben HensonBen Henson
2 min read
heartbleed internet explorer bug and hipaa security|health care security vulnerabilities
Best Practices

Heartbleed, Internet Explorer Bug and HIPAA Security

Three weeks ago Internet users were notified en masse that a security vulnerability had been discovered in OpenSSL, a widely-used piece of open-source software that helps securely transport information around the web. The so-called Heartbleed bug forced healthcare IT vendors across the industry to perform internal forensic analyses to check whether they were sending vulnerable PHI across various internal and external networks.

Ben HensonBen Henson
2 min read
2m left