Published on: October 15, 2019
There’s growing concern by both industry leaders and cybercrime experts that cybersecurity in home healthcare must be improved before a major data breach occurs.
The home healthcare industry is booming, with industry revenue expected to top $99 billion USD in 2019. The industry is experiencing 3.7% growth with a strong growth trend in the future. As the aging Baby Boomers seek alternatives to nursing homes and other facilities, home healthcare becomes an attractive option.
Cybersecurity Risks in Home Healthcare
There are cybersecurity risks that home healthcare agencies share with other industries and some that are unique to the industry.
Risks common to many businesses include:
- Compromised websites, which can become infected with malware, viruses, and other malicious code that infects the computers of site visitors;
- Ransomware, which hijacks the target’s computer until payment is made to release it;
- Stolen information including social security numbers, payroll information, and banking information
Unique risks for home healthcare agencies include:
- Confidential patient data, which may contain information on treatment, medications, and similar information protected by HIPPA and other privacy policies
- Extended contact information for patients, which would put other people’s data at risk
- Links to remote sensors and devices such as heart monitors and other information that links multiple locations with the central network at the healthcare agency
How Likely Is a Security Breach?
Unfortunately, the risks of cyber attacks continue to grow. The SiteLock 2019 Website Security Report reports a peak of 80 attacks per day with an average of 62. And although these attacks are “quieter”, they are no less problematic. Approximately 1% of all websites are infected.
Prepare and Defend Against Attacks
Such attacks are costly, both to clean up and to repair the damage to your reputation. As the expression goes, the best defense is a good offense.
To prepare and defend your home healthcare agency against cyberattacks:
- Backup your systems: Always have backups ready in case your main system is hijacked for ransom. You won’t need to pay thieves their ransom if you can easily restore your data. Cloud-based accounting and home healthcare software may provide automatic backups, too.
- Review BYOD policies: BYOD stands for bring your own devices. Many home healthcare agencies require workers to log into a shared network using their own devices such as a tablet or smartphone. If that is the case, you may wish to review BYOD policies. If a device is lost, will it allow access to critical systems or confidential patient records? How will your agency respond and act if such a thing happens? Have a plan prepared now to stave off a hasty response later.
- Improve awareness and training: Make sure your team is aware of the risk of phishing emails and clicking on links that don’t look quite right, for example. Train everyone on the written policies for passwords and data sharing and require passwords be changed frequently.
- Review system access: Consider limiting people to portions of the network based on their role rather than allowing blanket access to all. This way, if their password becomes compromised, data leaks are limited to only certain areas of the network and can be contained.
- Consider insurance: Cyber insurance is a growing field of insurance that provides financial coverage for cleanup and damages in the event of a successful cyber attack. Speak with your insurance agent about such coverage if you think it is warranted.
Cybersecurity in the home healthcare industry is critical. Having the right systems in place, as well as using the tips above, can keep your agency up and running in the event it succumbs to an attack. Better still, you can defend and prevent against attacks and continue to run a profitable, prosperous agency.
Mindover Software provides consulting, software, and services to home healthcare agencies. Please contact us for more information or assistance with your home healthcare agency software needs.