Although QR codes can make sharing images or other health information easier for nursing home staff and residents, they also can make it easier for bad actors to steal personal health data. Cyber criminals can replace QR codes with clones that redirect users to a similar website that intercepts patient and personal data, or steal data through “quishing,” which embeds fraudulent codes into legitimate-looking emails.
Those types of scams put nursing homes and senior living operators and residents at risk for identity theft and data breaches, experts warn.
Fortunately, there are ways for nursing homes to curb these threats, noted Sharat Potharaju, co-founder and CEO of QR code platform Beaconstac, who offered recommendations for making data less vulnerable in an interview with Healthcare IT News.
To prevent attacks, he recommends organizations use a QR code generator with built-in features such as single sign-on, multi-factor authentication, custom domain and user management. Health data are particularly attractive to cyber criminals, with one patient record fetching up to $1,000 on the black market, he explained.
Patients and staff members should use caution when sharing data via QR codes and only scan QR codes from verified sources, such as health providers’ websites. They also should check the links after scanning the codes to make sure the destination is correct, Potharaju added.
Nursing homes often are the target of cyberattacks. Most breaches are caused by hacking, while human error accounts for 20%, according to recent research from cybersecurity company NordLayer. Cyber criminals prey on the healthcare industry because of its sensitive and expensive data and lack of network security.
