CHA understands that the confidentiality, integrity, and availability of our members' information are vital to their business operations and our ability to uphold the association’s mission. We use a multi-layered approach to protect that information, and we constantly monitor and improve our applications, systems and processes to meet the growing challenges of cybersecurity.
Addressing multiple threat sources
Users of online services are potential targets for attempts to steal login credentials and other sensitive information. These threats include hijacking, phishing emails seeking information or delivering malware, and phone calls attempting to gather information to gain unauthorized access or privileged knowledge.
Confirm web page security
CHA provides TLSv1.0, TLSv1.1, and TLSv1.2 encryption (HTTPS) for login and communications between the CHA applications and the user's web browser. This means that if you log in to the CHA website over an unsecured wireless network, your login credentials and business data are protected from sniffing and hijacking tools. Encryption is also in place when accessing our website across your hospital or corporate network. The padlock icon indicates that the page uses the correct data transfer security standard and authenticates the integrity of the message. Look for the lock icon in the appropriate location based on your browser.
Alert employees provide enhanced defense
Training can help staff recognize a fraud attempt and offer greater protection for your organization. Remind your users that CHA employees will not ask for usernames or passwords. CHA provides a toll free number to help you verify if an unknown caller is a CHA employee. Call 1-888-565-2422 to verify identity
. Staff may also request a call-back number or email address for verification.
Reporting suspicious email
If your organization receives a suspicious email that appears to originate from CHA, forward the email to: email@example.com
and then delete it.
Reporting compromised credentials
If you suspect that your login credentials, username and password, have been compromised, please change your password immediately and notify firstname.lastname@example.org