Information Security Considerations

In order to decrease the chances that the confidentiality of your personal information is compromised, we highly suggest you consider doing the following:

  1. Only use telehealth and website services when you have taken steps to decrease the likelihood that you can be seen or overheard. These steps include:

    1. Making sure you are alone in a room when using telehealth or website services.

    2. Placing a sound dampening device such as a white noise machine outside the room where you are using telehealth services.

  2. Enable two-step verification when logging into your email accounts. This security measure makes it harder for someone to breach your email and gain access to your computer or other electronic devices.

  3. Limit access by being careful who you allow to use, look after, or borrow your computer or other electronic devices.

  4. Be sure to log out of telehealth and website services after use.

  5. Encrypt your computer and other electronic devices

    1. To encrypt Apple-made mobile devices, you need to enable password protection on your iOS device. This can be done via the Touch ID & Passcode section of Settings. iOS mobile devices used to access clients’ PII should not be backed up to cloud storage services.

    2. On Android devices, encryption can be enabled in the Security or Lock Screen area under settings.

    3. To encrypt a Mac computer, enable Apple's FileVault encryption in the Security & Privacy system preferences. If there are multiple user accounts on the Mac, be sure to enable encryption on each one that requires protection. I suggest using a different FileVault password than the one associated with an iTunes or iCloud account; if an unauthorized individual gains access to an iTunes or iCloud password, it cannot be used to decrypt the computer. Apple Time Machine backups and any external drives also need to be encrypted. When setting up a backup drive, the Time Machine can by encrypted in the Time Machine system preference by clicking Select Disk, selecting the backup drive, enabling the Encrypt Backup option, and clicking Use Disk. In OS X El Capitan, external drives can be encrypted, including a Time Machine backup drive, by right-clicking or Control-clicking it in the Finder and choosing Encrypt from the contextual menu that appears. In older OS X versions, Disk Utility can be used to encrypt a drive: select the drive in its Sidebar, then choose File > Encrypt or File > Lock, depending on the OS X version.

    4. On a PC, enabling encryption is accomplished by activating Microsoft's BitLocker. The PC will likely need to have a Trusted Protection Module (TPM) on its motherboard, but it's often missing on cheaper PCs and even expensive older PCs. The computer must also be running the Pro, Ultimate, or Enterprise editions of Windows Vista or later. If the PC is BitLocker- compatible, the BitLocker Drive Encryption settings (called Manage BitLocker in Windows 10) can be found in the Security control panel. In some cases, external drives can also be encrypted here. If a PC doesn't support BitLocker, a third-party encryption tool like VeraCrypt must be used.

  6. Regularly implement software patches and update antivirus software on personal computers.

  7. Avoid the following to reduce the likelihood of malware getting installed on your computer and other electronic devices:

    1. Downloading bundled free software programs. Programs advertised as “free” often come with the cost of downloading malicious software to a computer.

    2. Using file sharing, BitTorrent, and other peer-to-peer sharing services

    3. Connecting removable media (e.g., USB chargers, thumb-drives, etc.) of unknown origin to computers. These devices can contain malware if they were previously connected to an infected computer.

    4. Downloading scareware. Scareware is also known as rogueware and it is usually presented as Internet security software. These programs are advertised in pop-up windows that say things like “Your computer is infected!”

    5. Clicking on unknown links in emails and on websites. These links often masquerade as advertisements and phishing emails that play on the reader’s emotions. These links may say something like “You won’t believe what happened in this video” or “These people need your help!”

  8. Use a secured internet connection when conducting telehealth sessions via Google Meet or when on this website. Publicly available internet connections like those available in coffee shops and airports are often not secured, meaning that others can access and monitor your internet activity, including your telehealth session or website activity.