Skip to content
Back to blog

How we’re making your Healthcode Account more secure

Cybercriminals are continuing to cause major disruption, delays and distress following a ransomware attack on Synnovis, which provides pathology services to the NHS in London and the South East.

The attack in early June forced the cancellation of operations and blood test appointments and the hackers have since published stolen patient data on the dark webNHS England has said: “full technical restoration will take some time” and that disruption “will be felt over coming months.”

This again highlights how vulnerable the health sector is to this kind of crime and the need for robust IT security that’s up to the job.

We’ve always taken our IT security responsibilities extremely seriously – as we process the most sensitive categories of data (medical and financial) it’s important for our customers to do this safely. For example, we’ve long been certified by ISO 27001 information security standards and the Government-backed Cyber Essentials programme, we train staff in information security and data protection and we have a rigorous testing programme to identify potential security weaknesses.

Now we’re introducing Two-Factor Authentication (2FA) to make accessing your Healthcode Account even more secure. You’re probably familiar with 2FA as it’s used by many banks and online services like HMRC. Essentially, it requires you to provide a 6-digit one-time passcode from an authentication app or text message to log into your account, in addition to your usual email/User ID and password.

The 2FA solution is simple to set up and use – it provides an extra layer of security when using the products and services you’ve subscribed to, like the Clearing Service, The PPR, ICE and ePractice. All you need is a mobile phone and there’s a back-up option if anything goes wrong.

In a nutshell, it works like this:

  1. Log into your Healthcode Account
  2. Click the user profile menu, select My Account and then Two-Factor Authentication
  3. Choose a method to generate a code using your mobile phone and follow the instructions – you can set up both if you want
  4. Download the 12 recovery codes and keep them safe – you can use one of these if you don’t have access to your phone
  5. Next time you log in enter the generated code using your method of choice

We believe 2FA is an important addition to our armoury against cybercriminals and we’re always looking for more ways to protect you and your data.

How to add 2FA and other useful info is available on our Healthcode Account Help and Support pages or get in touch with our helpful Customer Services team.

Related Articles

Check the status of your electronic invoices to insurers in ePractice

Sometimes the simplest changes can make life so much easier. Why not grab a hot drink and try this five-minute fix to find out whether the invoice you’ve submitted through the Clearing Service has been validated.

Read full story

The business of the patient journey | Managing the patient’s pathway

In part 3 of this series, Product and Marketing Liaison and former practice manager, Desné Marston, shares her expertise on the importance of effective admin to support patient care.

Read full story

A new diary entry marks the start of something big

ePractice Appointments is now live and you’ll be able to access it once you’ve logged in from your Healthcode Account.

Read full story