Senior living organizations remain at a high risk for cyberattacks, making strong cybersecurity measures critical. In a recent webinar, “It could happen to you — how to prepare for and mitigate the fallout from a cyberattack,” CAST Commissioner John DiMaggio, founder and CEO of BlueOrange Compliance, a LeadingAge Bronze Partner with CAST Focus, offered pointers—including a common-sense reminder that “cybersecurity is about people, process and technology.”
Noting that attackers can lay their groundwork by exploring an organization’s systems for up to three weeks before the attack takes place, DiMaggio suggests a list of minimum protections and recommends organizations adopt a higher level of cybersecurity measures, all outlined in this McKnight’s Senior Living article.
If you are tempted to take shortcuts on your cybersecurity strategy, consider the recent experience of long-term care company Carespring Health Care Management, which garnered media attention for a class action lawsuit brought against it after a breach. The plaintiffs allege that Carespring’s failure to provide adequate data security led to exposure of data from approximately 80,000 patients and clients.
Carespring has said that it followed proper protocols and that the compromised data has not been abused, according to reports.
LeadingAge CAST Cybersecurity Resources
For more information on how to protect your organization, use the LeadingAge CAST Cybersecurity Resources. You will learn how to recognize threats, mitigate risk, and respond to an attack. The resource includes a white paper, case studies, and a benchmarking questionnaire.
If you are using voice technology, please check out “Opportunities, and Risks, with New Smart Voice Technology in Senior Living,” produced by CAST in partnership with BlueOrange Compliance.
For information on how a life plan community managed HIPAA compliance and cybersecurity mitigation, see the CAST case study, “Managing HIPAA Compliance and Cyber Security Through Partnership.”