Skip to content

Website, Software, and Online Security Best Practices

Website, Software, and Online Security Best Practices

Introduction to Online Security

We compliled the list below of security best practices when using websites, cloud software, or any online interaction.  w3 requires our clients that are “Covered entities” (individuals or entities that transmit protected health information) under HIPAA, implement the following when managing Personally Identifiable Information(PII) in our systems.

  • Do not send sensitive information online via unencrypted( e.g. HTTP or FTP ) connections. You should use encrypted connections such as HTTPS, SFTP, FTPS whenever possible.
  • Access important websites from bookmarks directly, otherwise please check its domain name carefully, to ensure that it's not a phishing site before entering information.
  • Protect your computer with an up-to-date firewall and antivirus software.
  • Keep the operating systems( e.g. Windows 7, Windows 10, Mac OS X, iOS, Linux ) and Web browsers( e.g. FireFox, Chrome, IE, Microsoft Edge ) of your devices( e.g. Windows PC, Mac PC, iPhone, iPad, Android tablet ) up-to-date by installing the latest security updates.
  • Logout/lock your computer and mobile phone when you leave them.
  • Do not click the links in emails or SMS messages unless you trust the sender.
  • Do not include PII in unencrypted emails



  • Do not use the same password for multiple important accounts.
  • Do not share your password with anyone.
  • Use a password that has at least 8 characters, use at least one number, one uppercase letter, one lowercase letter and one special symbol.
  • Do not use the names of your families, friends or pets in your passwords.
  • Do not use postcodes, house numbers, phone numbers, birthdates, ID card numbers, social security numbers, and so on in your passwords.
  • Do not log in to important accounts on the computers of others, or when connected to a public Wi-Fi hotspot.
  • It's recommended to change your passwords every 3-6 months.


Website & Software Security Service Provider

Contact a nerd today to get a website or software that not only follows industry best practices, but is continuously updated. The nerds often implement new security precautions in an ever-evolving technological era. Are you protected?