According to a new study released in the Journal of Medical Internet Research, 93% of passwords used to safeguard protected health information were cracked utilizing commercially available password cracking software.
The study was conducted by researchers at Children's Hospital of Eastern Ontario Research Institute and the University of Ottawa in Ottawa, Ontario.
The test was conducted using files provided by volunteer stakeholders in 15 clinical trials. And, although the samples were not representative of all clinical trials in Canada, they were "likely examples of trials where the stakeholders were sufficiently comfortable with their security practices."
"In all cases the recovered passwords were poorly constructed, with names of local locations (eg, “ottawa”), names of animals (eg, “cobra”), car brands (eg, “nissan”), and common number sequences (eg, “123”)."
The original paper, How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials? is available for review at the Journal of Medical Internet Research website.
For more information on securing data, download the eHealthcare Strategy & Trends article, How Secure Are Your Web-Based Forms?