cyber risks

Addressing Cyber Risks in Nursing Home Facilities

Advances in computer-based technologies have revolutionized healthcare delivery around the world. Healthcare facilities like senior centers, nursing homes, and residential group care homes use computers for a variety of purposes to streamline operations. With these new technologies come emerging risk exposures. Nursing home cyber liability is a growing concern for healthcare managers and facility owners. With nursing home cyber liability insurance and by adopting industry best practices, the threat of cyber criminality can be minimized.

The Role of Computer Systems in the Nursing Home Environment

In nursing homes and in healthcare facilities of every type, computers have improved efficiency while allowing healthcare professionals to deliver accurate, competent care. Computers have revolutionized the healthcare sector, giving professionals the tools they need to track patient histories, collect and analyze medical records, and manage invoicing. Sometimes referred to as clinical information systems, computers may be used to:

  • Capture and store detailed patient records.
  • Manage billing between nursing homes and insurance companies or Medicare/Medicaid.
  • Track medication schedules and prescriptions.
  • Manage patient transfers to and from other facilities.
  • Share records with healthcare providers.
  • Deliver telemedicine services.

Threats to Electronic Health Records

Electronic health records collected and stored by nursing homes often contain detailed personal information. In the hands of criminals, this information could be used to falsify financial transactions, steal identities, or interrupt the delivery of critical medical treatments. Nursing home cyber liability is a real threat; facilities across the country have been victims of cyber criminality through data breaches, unlawful intrusion into computer systems, and data thefts. A single data breach can result in hundreds of thousands or even millions of dollars in losses, putting facility assets and patient safety at risk. Nursing home cyber liability insurance is a crucial risk management component, as is the adoption of computer security practices to minimize or eliminate the threats posed by cyber criminals.

Protecting Healthcare Computer Systems: Best Practices

Although nursing homes are increasingly the targets of cyber criminals, responses to these nursing home cyber liability threats lags when compared to other healthcare sectors. Nursing homes and other long-term care facilities do not always have dedicated IT professionals on staff and may not have adopted the security practices and software needed to defend sensitive personal records against criminals.

To protect electronic health records, the strategy begins by understanding common cybersecurity threats. Most cyber crimes revolve around the following common intrusion methods:

  • Ransomware attacks – where computer systems or data are held hostage until a ransom is paid.
  • Email phishing attacks – tricking victims into revealing information via email that is then used to gain access to computer systems.
  • Data hijacking – unlawful intrusion into or access of patient databases; criminals steal information and sell it on the black market.
  • Theft of computer systems or equipment – including smartphones, PC terminals, and tablets.

Staff training to recognize nefarious activity on computer systems is the first step toward combatting against nursing home cyber liability risks. Staff members should be trained on password security practices, physical equipment security, and identifying email phishing or social engineering attacks.

Nursing homes must adopt software and hardware solutions to prevent unlawful intrusion into sensitive computer networks. Antivirus software and email filtering systems do a good job of preventing data loss, especially when these systems are updated to reflect emerging threat profiles. Network management is the key to long-term protection; nursing homes can often hire third-party IT security providers in lieu of having their own computer security personnel on staff.

Protecting data from theft or loss is another way nursing home cyber liability risks can be managed. Staff members must ensure regular backups of patient records and billing information; backups should be stored offsite for enhanced protection. When records must be transferred via email or fax, this information should be encrypted to prevent criminals from deciphering sensitive personal information.

Finally, nursing home cyber liability insurance serves to provide coverage against cyber threats. This specialized insurance typically offers financial coverage for such aspects as:

  • Customer credit monitoring.
  • Forensic data recovery and breach analysis.
  • Business interruption expenses.
  • Crisis management/public relations after a data breach occurs.
  • Costs associated with notifying cyber crime victims and their families.
  • Reimbursement for ransomware or extortion costs.
  • Third-party defense and liability expenses.

Every nursing home has unique risk exposures. An insurer with experience in cyber threats can develop a nursing home cyber liability insurance policy that meets the needs and budget of facilities. With this protection, and by adopting cyber security best practices, nursing homes can continue to deliver expert care for the residents who depend on these facilities.

About Caitlin Morgan

Caitlin Morgan specializes in insuring assisted living facilities and nursing homes and can assist you in providing insurance and risk management services for this niche market. Give us a call to learn more about our programs at (877) 226-1027.