John O'Connor illustration
McKnight’s Editorial Director John O’Connor

There’s no denying that technology-driven breakthroughs are helping senior living operators enhance care, streamline operations and improve bottom lines.

But it’s not just the good guys who’ve noticed that tons of insightful information is getting neatly stored for easy extraction.

As never before, senior living communities are vulnerable to cyberattacks, particularly ransomware and data breaches. The reasons are manifold: extensive collections of sensitive resident information, limited resources for cybersecurity, and reliance on outdated software, to name just a few.

These thefts can disrupt caregiving and cause massive financial losses.

There ought to be a law, you say? Yes, there should. But these days, Congress is not exactly getting things done. So don’t hold your breath.

That doesn’t mean there aren’t steps you should be taking. There are. And in the interest of giving credit where it’s due, the Department of Health and Human Services recently revealed 10 tips (mostly of the common sense variety) that operators can use to protect sensitive information:

  1. Establish a security culture: Cultivate a security-conscious organizational ethos with regular staff training and strict policies that raise awareness about potential threats and vulnerabilities.
  2. Protect mobile devices: Safeguard laptops and smartphones to protect sensitive data as they pose significant security risks while providing easy access to electronic health records.
  3. Maintain good computer habits: Just like maintaining good health, regular updates, patches, and vigilant maintenance practices keep systems robust against possible threats.
  4. Use a firewall: Firewalls are critical for preventing unauthorized network access, acting as a barrier to intrusions while anti-virus software handles existing malicious software.
  5. Install and maintain anti-virus software: Up-to-date anti-virus software protects computers from a variety of cyber threats.
  6. Plan for the unexpected: Have a solid backup and recovery plan to ensure essential health records are not lost during unexpected disasters.
  7. Control access to protected health information: Configure your EHR system to grant access only to users with a “need to know,” requiring both username and password for authentication.
  8. Use strong passwords and change them regularly: Strong, regularly updated passwords are a vital defense against unauthorized access, deterring attackers and protecting sensitive information.
  9. Limit network Access: Limit peer-to-peer sharing and instant messaging, and secure wireless networks to protect against unauthorized network access.
  10. Control physical access: Secure physical access to devices to prevent significant data breaches due to loss or theft.

By following these tips, senior living operators can enhance their cybersecurity measures, ensuring the protection of valuable health information and fostering a safer environment for all residents.

John O’Connor is editorial director for McKnight’s Senior Living and its sister media brands, McKnight’s Long-Term Care News, which focuses on skilled nursing, and McKnight’s Home Care. Read more of his columns here.