Password Security: The Simple Step Your Site Can't Afford to Overlook

Working at or managing a clinical research site you're no stranger to the importance of keeping your data secure. But have you given much thought to the security of your login credentials?

It's not uncommon for staff to store sensitive login credentials in very unsafe places like sticky notes, Excel spreadsheets, Word documents, and other unsecured places. In fact, a recent survey found that 69% of people admit to sharing passwords with colleagues, and 51% have shared passwords with external contractors. 62% of survey respondents reused passwords for multiple accounts, increasing the risk of a security breach. This underscores the need for better password security practices, particularly at research sites where sensitive data is frequently handled.

Cartoon by Phil Johnson for MIT

Ask yourself this: Do you know where your staff are storing their login credentials? And if there was a breach, would you know how to quickly identify which credentials had been compromised?

Unfortunately, the consequences of a password security breach can be severe. Not only could you be putting your business and reputation at risk, but you could also be breaking the contractual obligations you've made to your Sponsor customers.

Let's take a look at some real-life examples of password security breaches in our industry:

• In 2020, the University of Washington School of Medicine suffered a data breach after a phishing attack compromised a research supervisor's email account. As a result, the personal and medical information of 14,795 oncology patients was exposed. 
  
  
• In 2019, a California-based clinical research site experienced a data breach after a former employee stole login credentials and accessed patient data without authorization.
  
  
• In 2018, a clinical research site in Tennessee discovered that login credentials had been stolen and used to access patient data. It was later determined that the breach had been caused by a phishing email that was sent to an employee.

These are just a few examples, and there are many more out there. The sad truth is that password security breaches are all too common, and they can happen to anyone.

So what can you do to protect your business and your patients' data? The answer is simple: implement a standardized password and login storage solution for your staff.

There are many tools available that can help you do this, but the key is to find a solution that works for your team and ensure that everyone is using it consistently. Be cautious when choosing a password storage solution, as adding more technology isn't always the answer. The solution must be seamless and lightweight. VersaTrial, for example, combines secure password storage with a study bookmarks and contacts organizer in a browser extension, making it an all-in-one solution that doesn't interrupt site staff's workflow.

Browser extensions provide a range of benefits over traditional installed software, including easy installation and automatic updates, portability across devices, and a streamlined user experience. With a browser extension like VersaTrial, users can enjoy secure password storage and study organization without having to worry about system compatibility, complex installation processes, or additional software cluttering up their computer. The result is a seamless, all-in-one solution that allows users to focus on their work instead of worrying about technology, like this: 

(VersaTrial is not affiliated with ClinicalResearch.io in any way. Video is for illustrative purposes.)

Don't wait until it's too late to address this issue. Take action now to secure your site team's login credentials and protect your business from potential breaches. Remember, prevention is always better than cure.

Password security is a real risk that can't be overlooked. By taking the necessary steps to protect your staff's login credentials, you can safeguard your business and reputation, and keep your study and patient data safe