Securing Your Practice Better Account

• Creating a Strong Password for Your Account
• Setting Up Two-Factor Authentication (2FA)
• Keeping Your Operating System Updated
• Recognizing Phishing Attempts
• Monitoring Your Recent Login Activity
• What to Do If You Suspect Unauthorized Access
• Managing Session Security
• Mobile App Security Best Practices
• How These Practices Support Compliance Requirements

Creating a Strong Password for Your Account

Setting Up Two-Factor Authentication (2FA)

Two-factor authentication adds an important extra layer of security to your login process, giving you peace of mind that your account stays protected even if someone learns your password.

Practice Better supports 2FA through authenticator apps like Google Authenticator or Microsoft Authenticator. These apps generate one-time passwords that you'll use alongside your regular password when signing in.

To learn how to enable this feature, visit our detailed guide on setting up two-factor authentication.

Keeping Your Operating System Updated

Your device's security is just as important as your account security. Most operating systems offer free software updates that enhance both security and performance, helping protect your Practice Better account from potential vulnerabilities.

We strongly recommend setting your computer or device to install these updates automatically. This ensures you're always benefiting from the latest security enhancements without having to remember to check manually.

Recognizing Phishing Attempts

📍 Please note: Practice Better will never ask for your password by email.

If you receive an email requesting your password or other personal information — even if it appears to be from Practice Better — do not reply. These messages are phishing attempts designed to steal your credentials.

Legitimate Practice Better emails typically come from addresses ending in @practicebetter.io, such as notifications@practicebetter.io.

When you're unsure whether an email is legitimate, refer to our guide on recognizing phishing email messages. It provides helpful tips for identifying authentic communications and protecting yourself from fraudulent requests.

✅ Practice Better promise: Our emails include security details to help you verify their authenticity, including your full name and email address in the footer.

Monitoring Your Recent Login Activity

Practice Better helps you stay aware of your account access through login notifications and activity tracking. If you receive an email about unusual activity on your account, you can review the details to verify whether the access was authorized.

To check your recent activity:

1. Clcik the settings gear icon and select All Settings & Preferences.
   
    
2. Locate the Login & Security section and click Login History.
   
3. Review the list of successful sign-ins and security challenges, including when and where each access occurred.

This feature empowers you to spot any suspicious activity quickly and take action if needed. If you notice any login attempts you don't recognize, our support team is here to help you secure your account right away.

What to Do If You Suspect Unauthorized Access

If you notice any suspicious activity on your Practice Better account or believe someone may have accessed it without your permission, taking immediate action is critical to protecting your data and your clients' information.

Take these steps right away:

1. Change your password immediately. Create a new, strong password that's completely different from your previous one.
2. Review your recent login history. Check the Profile & Security section for any sign-ins you don't recognize, including unfamiliar locations or times.
3. Check for unexpected changes. Look through your account settings, client information, and any other areas where unauthorized changes might have been made.
4. Enable two-factor authentication. If you haven't already set up 2FA, do so immediately to add an extra layer of protection.
5. Contact Practice Better support. Reach out to our team at help@practicebetter.io or through the Contact Support option in your portal. Our specialists can help you investigate the issue and take additional security measures to protect your account.

When contacting support about a security concern, be prepared to provide:

• The dates and times of suspicious login activity
• Any unusual changes you've noticed in your account
• Details about any suspicious emails or messages you may have received

We take security incidents seriously and will work with you quickly to ensure your account is secure. Our team is here to support you through every step of the process.

Managing Session Security

Understanding how your Practice Better sessions work helps you maintain security, especially when accessing your account from different locations or devices.

Best practices for session security:

• Log out when finished. Always log out of your Practice Better account when you're done working, especially on shared or public computers. Simply closing the browser window may not end your session completely.
• Avoid shared devices when possible. If you must use a shared or public computer, take extra care to log out completely and clear the browser history when finished.
• Keep your browser updated. Use the latest version of Chrome, Firefox, or Safari for optimal security and compatibility with Practice Better. Learn more about browser compatibility →
• Be mindful on mobile devices. If you access Practice Better from your smartphone or tablet, ensure your device is protected with a passcode, fingerprint, or face recognition.

📍 Please note: Practice Better uses secure session management to help protect your account. If you're inactive for an extended period, you may be automatically logged out as a security measure.

Mobile App Security Best Practices

If you use the Practice Better mobile app for iPhone/iPad or Android devices, following mobile-specific security practices helps ensure your data stays protected wherever you work.

Protecting your mobile access:

• Use device security features. Always enable a strong passcode, fingerprint, or face recognition lock on your device. This ensures that if your phone or tablet is lost or stolen, your Practice Better data remains inaccessible to others.
• Keep your app updated. Periodically open your app store to get updates for the Practice Better mobile app to ensure you always have the latest security enhancements and bug fixes.
• Download only from official sources. Always download the Practice Better app from the official Apple App Store (for iOS devices) or Google Play Store (for Android devices). Never install apps from unknown sources.
• Be careful with app permissions. Review the permissions requested by the Practice Better app and only grant those that are necessary for the app to function properly.
• Use secure networks. Avoid accessing sensitive client information over public Wi-Fi networks whenever possible. If you must use public Wi-Fi, consider using a VPN (Virtual Private Network) for added security.
• Report lost or stolen devices immediately. If your mobile device is lost or stolen, contact Practice Better support right away at help@practicebetter.io so we can help secure your account.
• Consider remote wipe capabilities. Familiarize yourself with your device's remote wipe feature (Find My iPhone or Find My Device for Android) so you can erase your device remotely if it's lost or stolen.

🪄 Did you know? Practice Better's mobile apps use the same enterprise-grade security features as the web platform, including data encryption and secure authentication.

How These Practices Support Compliance Requirements

As a health and wellness practitioner, you work with sensitive personal health information that's protected by various privacy regulations. The security practices outlined in this article directly support your compliance obligations and help you meet regulatory requirements.

Practice Better's compliance commitment:

Practice Better is fully compliant with major healthcare and privacy regulations, including HIPAA (United States), PIPEDA (Canada), PHIPA (Ontario), and GDPR (European Union). This means the platform itself is built with strong security foundations that protect your clients' information.

How your security practices support compliance:

• Protecting client confidentiality. Strong passwords, 2FA, and careful session management help ensure that only authorized individuals can access protected health information (PHI) in your Practice Better account.
• Maintaining data security. The security measures you take — from keeping software updated to recognizing phishing attempts — help prevent data breaches that could violate privacy regulations.
• Demonstrating due diligence. Following security best practices shows that you're taking reasonable steps to protect client information, which is a key requirement under most privacy laws.
• Preventing unauthorized access. Regular monitoring of your account activity and prompt response to suspicious behavior help you maintain the access controls required by regulations like HIPAA and PIPEDA.

📍 Important: If your practice requires a Business Associate Agreement (BAA) for HIPAA compliance, you can request a signed BAA through your Practice Better.

Additional compliance resources:

For more detailed information about Practice Better's compliance standards and how to meet your regulatory obligations, visit our Privacy and Security page in the help center. You'll find comprehensive information about data encryption, access controls, and other security measures that support your compliance requirements.

If you have specific questions about how Practice Better supports compliance with the regulations that apply to your practice, our support team is always available to help. We understand that navigating privacy regulations can be complex, and we're here to ensure you feel confident in your security practices.

Need help with account security? Our support team is available to answer your questions and help you implement these security best practices. Contact us through the question mark icon in your portal or email help@practicebetter.io.