Addressing Cybersecurity Threats in Long Term Care Facilities

Computer technology has revolutionized industries of every size and type. These technologies allow for streamlined information management and communication. Unfortunately, new technologies often lead to new cybersecurity risks. The healthcare sector’s growing reliance on digital data has ushered in new risk exposures, and criminals are increasingly targeting sensitive patient and facility data. Cyber threats in nursing homes are growing as well, potentially putting facility and resident assets at risk. Long term care facilities must understand cyber risks and adopt robust strategies for protecting data from loss. Here’s how.

Cyber Threats in Nursing Homes

Across the healthcare landscape, facilities and medical professionals have adopted a wide range of computer-based technologies. Much of the technology is centered on data management and includes electronic health records, financial and insurance billing details, and personally-identifiable information (PII). Electronic records can be shared between facilities and caregivers, allowing quick access to patient information for diagnostic and treatment purposes. Unfortunately, this quick access also provides cybercriminals with an irresistible target, and who work hard to breach cybersecurity safeguards. 

Common cyber threats in nursing homes include:

  • Proliferation of connected devices (laptops, smartphones, tablets) on facility networks. These devices may be used by residents or staff.
  • Unfamiliarity with cyber criminal tactics like phishing, malware, or other techniques to gain access to facility networks.
  • Inadequate password creation and password management by staff and residents using facility computers.
  • Outdated security software on networks.
  • Direct targeting of leadership members via email phishing or spoofing campaigns.

In 2014, the Federal Bureau of Investigation (FBI) saw the first of many attacks on healthcare sector records, particularly those managed by long-term care facilities like nursing homes. Cyber threats in nursing homes have only become more common since 2014; factors like weak cybersecurity and the potentially lucrative information on facility servers give hackers a strong incentive to focus their efforts on these targets. Cyber attacks result in millions of dollars each year in forensic investigations, insurance claims, data recovery, and lawsuits, further draining financial assets away from struggling long-term care facilities.

Managing Cyber Risks in Nursing Homes

Cyber threats in nursing homes present many challenges for the long-term healthcare industry. As a risk management strategy, nursing homes need to give serious consideration to mitigating the potential risks associated with electronic patient records. Risk management must include:

  • Training on safe and secure computer practices for all stakeholders. Staff and residents should be instructed on how to identify online scams and phishing techniques. They must also have the opportunity to learn about password security on personal or facility computing devices.
  • Adoption of identity-management tools, including two-factor authentication, password management, and computer log on/log off applications.
  • Maintaining network security through the use of regular assessments, software patches, and intrusion detection systems.
  • ●      Evaluating current cyber liability insurance protections and obtaining stronger insurance policies to cover financial losses resulting from a cybersecurity breach. Cyber liability insurance is the foundation of risk management and cannot be overlooked as a means of providing protection against cyber threats in nursing homes. 

About Caitlin Morgan

Caitlin Morgan specializes in insuring assisted living facilities and nursing homes and can assist you in providing insurance and risk management services for this niche market. Give us a call to learn more about our programs at 877.226.1027.