John O'Connor
John O’Connor

Think your senior living community is exempt from data theft? Think again.

As Lois Bowers reported, American Senior Communities was just victimized by a W-2 phishing scam. In this instance, ASC responded to a legitimate-looking email asking for copies of the forms. Thousands of current and former employees could be affected, according to investigators.

ASC is now working with law enforcement and other agencies to sort out the mess. The company also is offering credit monitoring and reporting services to workers who may have been affected.

But truth be told, ASC is probably less an outlier than an early victim. For by all indications, data theft soon might become one of your most vexing headaches.

A relatively new phenomenon, it is quickly targeting people and organizations nationwide. In fact, about one-in-four consumers already has had personal medical information stolen from technology systems, notes a survey released this week at the HIMSS17 conference in Orlando.

Among the breach victims, half (50%) were exposed to medical identity theft, Accenture investigators found. The stolen information most often was used to purchase items (cited by 37% of data-breached respondents) or used for fraudulent activities, such as billing for care (37%) or filling prescriptions (26%).

Caregivers clearly are being targeted. These incursions are occurring most often in hospitals, with more than a third of respondents (36%) citing that’s where the data were stolen from. The locations next in line: urgent care clinics (22%), pharmacies (22%), physician’s offices (21%) and health insurers (21%).

“Not only do health organizations need to stay vigilant in safeguarding personal information; they need to build a foundation of digital trust with patients to help weather the storm of a breach,” said Reza Chapman, managing director of cybersecurity in Accenture’s health practice.

In addition to becoming more common, such breaches are also becoming more complicated — and can affect virtually every department within an organization, notes the just-released “2017 Data Breach Digest.” The annual report details 16 common breach scenarios. Among the most common: stolen credentials. This was followed by malware, phishing and keylogging.

Clearly, senior living operators need to prepare for such breaches. But that’s easier said than done. For not only is data theft a moving target, it’s a changing one.

John O’Connor is editorial director of McKnight’s Senior Living. Email him at [email protected].