Is your practice identity as important as your personal identity? You bet it is! Yet, many plastic surgeons allow others to “own” their social media pages. When an employee resigns, your password(s) and ownership of your social media pages may walk out the door with the employee. You need to establish guidelines around your social media security.
The situation can go from bad to worse if an employee leaves on poor terms because he or she has you login to post as you or can hold your account hostage. This very incident has happened to other doctors, to small business owners, to large corporations….and it can happen to you! Protect your online practice identity by establishing strong security measures.
Google – YouTube, Google+, Local Listing, Google Maps, etc. are typically managed through your Google+ account. The person who set up your Google+ “owns” this page. While other authorized people can post and make changes, the owner is the only person who can manage the managers. You need to own your Google+ page. Establish a Google account for your medical practice so that you can manage and access your information.
Passwords – Guidelines about social media passwords can be lax in many plastic surgery practices. Not only are they easy to guess, but they are shared frequently with employees and contractors. Create a strong password by using a combination of upper and lower case letters, symbols and numbers that you only use for social media. Check your password strength. Make sure that this isn’t your personal password, your financial password, etc. Change it at least every six months or when employee responsibilities shift.
Social page access – Some social media sites allow you to authorize managers of the page without providing a password. It is ideal to authorize someone to access your page when the feature is available. If not, you may wish to use your Google login that you established for your practice. Another option is to create a different email address/password for each social media channel that doesn’t provide a manager option. So, you could have firstname.lastname@example.org, email@example.com, etc. These can be forwarded to a primary address to avoid extra monitoring. Do what works for you, but make sure that your practice manager or you have the ability to authorize/revoke someone’s access to your social media pages when needed.
Filing Passwords – Yes, you need a list of various passwords to ensure access to pages. However, passwords should not be filed in your browser, kept in a “password” document on your computer, etc. Computer viruses can and do access computer password files. Most people find maintaining a paper copy too cumbersome. Explore the options of web-based and desktop password managers. These typically offer encryption and convenience while being accessible via a master password.
Extra Authentication – Many social media channels offer security questions, texts and codes for additional verification. In addition, some platforms remember the device or location that you use for logging in. Taking advantage of the extra authentication can be cumbersome if responsibilities change frequently in your practice, but it can be worth it the hassle to add extra security.