Protecting personal information

Adopt a "need to know" approach

It's okay to be skeptical when giving out your personal information. In fact, being skeptical is a great policy.

If you can't prove the legitimacy of the business or person that wants your information, or if you don't understand why a certain piece of information is needed, you may want to think twice about the transaction.

For example, when you call Kaiser Permanente to ask about your account, we may need to know your mother's maiden name or other information, so that we can verify your identity.

However, if a person claiming he's from Kaiser Permanente calls, he doesn't need to know that information because it's already on file. The only reason for a call like that is to get you to reveal your personal information for that person's personal benefit.

  • Never give out your personal information online or over the phone unless you contacted the company and are sure about the business or person's identity.
  • Never agree to anything without researching the facts.
  • If someone contacts you about an account that needs to be confirmed, contact the company's customer service directly to check if the e-mail or phone call is legitimate.

Kaiser Permanente will never ask you for your password over the phone or by email.


Personal information and email

Never send personal information in unencrypted Internet based e-mail. Simple Internet based e-mail can potentially be intercepted by anyone on the Internet.


Transactions and shopping

  • Look for a padlock icon in the lower right-hand corner of your browser window. Or check for "https" at the beginning of the website's address. The "s" means "secured" and that the website uses encryption.
  • Check the SSL security certificate by double-clicking the padlock icon. Be sure that the URL on the certificate matches the URL of the page you are viewing.
  • Pay close attention to the URL (address) of the website you're visiting to make sure it's actually the site you think it is.


Clearing your Internet history

Leaving a computer while you're still signed in to an account is like leaving the door to your home wide open when you're not there. Things you own and value could be stolen. This includes your personal information, especially if you're using a public computer, so it's important to clear your Internet history when you're done.

  • Remember to sign off whenever you have signed on to websites to check your accounts, especially if you are using a computer that other people can use. Also, it's a good idea to close all your browser windows when you're done.
  • Every time you use your computer, your browser's back button, history file, and cookies leave a trail of your Internet activities in your computer's cache. Someone can view this data unless they are manually cleared, so don't forget to clear your Internet history. Don't know how? Check your browser's help section for instructions.

Clearing your Internet history won't guarantee 100 percent safety from someone who wants to spy on you. But it will help keep someone with an average computer skill from spying on you.


Should you use auto-fill?

No! Web browsers can store and automatically fill in information used to sign onto secure websites. This sounds really convenient, but it's like giving directions to your home and handing over the keys to everyone and anyone.

Not only can malicious websites extract information stored in your browser's auto-fill features, other people with whom you share your computer can easily sign onto your account, either on purpose or by mistake.