Heartbleed is a major security threat to internet users around the world. We are confident that our systems are secure against the Heartbleed vulnerability.
Despite its medical moniker ‘Heartbleed‘ is actually an online threat which can expose the way web browsers connect to certain websites. You’ve probably seen it mentioned in the headlines on the TV and Radio because it is widespread and extremely serious for those affected. Luckily we are not one of those sites.
Whilst we are confident in the security of our own systems, we’d like our patients to be aware of the risk when using the same username and password across multiple sites. If you re-use your details in this way then there is a chance that the Heartbleed bug may affect another site you use. If your login details were to leak in this way, then there is a chance that security on other sites that you use could be compromised, including your data here at Online Doctor.
Is my patient data safe with Online Doctor?
Yes. We have reviewed our exposure to this risk and we can confirm that our system is not threatened by the Heartbleed vulnerability. In fact we have never used the version of software that is affected by this threat.
What exactly is the problem with affected sites?
The issue is with the internet security software that keeps your information private when logging on to and using web sites. You have probably seen the padlock icon in your web browser which tells you a site is secure; this is the software that has the problem.
While not every website will have been compromised (the problem is specific to a certain version of the SSL security software) the security vulnerability has been around for two years and in recent weeks it has been proven quite easy to intercept user names, passwords, email addresses and other sensitive information. As a lot of people use the same details to log on to many websites, the potential is that if someone can access one of your accounts then they can access them all.
How do I know if a given site is affected?
For the technically minded, you can check if a particular site is affected by Heartbleed by using a tool at: http://filippo.io/Heartbleed/
What should I do now?
There is a lot of advice out there at the moment, but we believe the minimum you can do to protect yourself is the following:
- Change your passwords frequently
- Use different passwords for different sites
- Choose ‘strong’ passwords – typically with a mix of alphanumeric characters (capital and lower case), and special characters such as !, ? and so on.