Daily Editors' Notes

Your residents might be safe, but what about your data?

Share this article:
John O'Connor
John O'Connor

Long-term care providers go to great lengths to keep residents out of harm's way. But it appears that the data many operators count on might be anything but safe.

And if you think this matter is limited to other types of healthcare settings, think again. As several media outlets recently reported, documents added to a file-sharing website might have been used to lift information from three nursing homes in New York.

Some of the data was fairly detailed. For example, one document taken from Campbell Hall Rehabilitation Center included the Internet addresses of wireless access points for 11 rooms, facility blueprints, and passwords for network access. Fortunately, no confidential health information about residents appears to have been stolen.

Campbell Hall and the two other facilities involved — Glengariff Health Care Center and the Bronx Center for Rehabilitation & Healthcare — have taken steps to ensure the stolen documents did not pose serious security risks.

But it's not just run-of-the-mill data that's vulnerable. Internet-connected medical devices like dialysis machines are also at risk, experts say.

A new report from IT-security firm SANS found that nearly 50,000 “malicious events” took place at healthcare organizations in just over a year. Moreover, networks and devices at 375 healthcare-related organizations were found to be compromised during this period, some of which are still compromised.

So what's a provider to do? Unfortunately, there are no easy answers. But exercising extreme caution and vigilance are price-of-admission requirements. And you'd better make darn sure any technology vendors you work with are up to snuff. Another helpful resource emerged last month, when federal officials announced the launch of a Cybersecurity Framework.  

The framework lists standards, best practices and guidelines that can be used to help ensure cybersecurity. The framework also offers guidance regarding privacy and civil liberties considerations that may result from cyber security activities.

“The more systems we secure, the more secure we all are,” said Secretary of Homeland Security Jeh Johnson while unveiling the program.

“Everyone needs to work on this,” he added. Unfortunately, it appears that the real work may just be getting started.

 

John O'Connor is McKnight's Editorial Director.

Share this article:
close

Next Article in Daily Editors' Notes

Daily Editors' Notes

McKnight's Daily Editor's Notes features commentary on the latest in long-term care news. Entries are written by Editorial Director John O'Connor on Monday and Friday; Staff Writer Tim Mullaney on Tuesday, Editor James M. Berklan on Wednesday and Senior Editor Elizabeth Newman on Thursday.

    ALL MCKNIGHT'S BLOGS

    More in Daily Editors' Notes

    Want to know what 'secrets' you'll soon be sharing? Buy a car

    Want to know what 'secrets' you'll soon be ...

    As never before, data collection and analytics have become part and parcel of long-term care. Even midsize and smaller operators are sifting through amazingly granular information to document strengths, address ...

    There's an app for that, but should there be?

    There's an app for that, but should there ...

    Some apps - like those that are meant to track blood pressure or give medication reminders - are geared toward your future residents. And that's where the trouble can arise, ...

    Could you make money if Mom's nursing home does a good job?

    Could you make money if Mom's nursing home ...

    A man recently raised more than $51,000 ... to make potato salad. And in a similar type of online campaign, senior living investment company Mainstreet raised more than $1.6 million ...