Are Your Senior Patients Safe From Cybercriminals?

By September 25, 2019 Blog
Cybersecurity For Long Term Care

How To Protect Your Senior Patients From Cybercriminals

The elderly are key targets for cybercriminals – why? Because they’re often easy targets. Even though your healthcare organization may be protected with firewalls and antimalware technologies, are you doing enough to protect your senior residents?

When you think healthcare and cybersecurity, the first things that come to mind are probably HIPAA, or WannaCry. And that’s for good reason – almost half of all ransomware incidents reported last year targeted healthcare companies.

But this isn’t the only conversation you need to be having about your healthcare organization’s cybersecurity standards. You could be totally compliant with HIPAA, and as protected against ransomware as possible, but you’re still likely overlooking something.

Despite what lengths you may be going to protect your patient’s data from cybercriminals, are you also protecting them from themselves?

Going Beyond HIPAA

Compliance is one thing – but what if the patients in residence at your healthcare organization (the elderly, in particular) are still at risk?

Herein lies a core problem for healthcare providers. Is your requirement to just be compliant, and no more? Or do you truly believe you should be protecting your residents from threats not outlined in regulations like HIPAA?

This is the case when it comes to scam-based cybercrime: phishing, fraud, malvertising, etc. If you have long term elderly residents in your care, who have the ability to access email and the Internet, then they are likely targets for cybercriminals.

Are you doing your part to educate them about these threats?

Senior Patients Put Themselves At Risk As Users

A majority of cybersecurity technologies offered today include the best in vital software, from firewalls to anti-malware to data encryption and more. However, as important as this technology is, on its own, it simply isn’t enough.

The key to truly comprehensive cybersecurity is simple, yet often overlooked: the user. This vulnerability is compounded when the user is older, less familiar with new technology, and doesn’t know how to use it in a secure manner.

Cybersecurity gimmicks — such as “set it and forget it” firewalls and antivirus software — fail to account for how important the user is. Even the most effective digital security measures can be negated by simple human error, which is why conventional solutions are simply not enough to ensure your patients’ safety.

Much of cybersecurity is dependent on the user, and as such it’s vital that you properly educate your residents in safe conduct. The more your patients knows about the security measures you have in place, the more confidently they can use the technology is a secure manner.

How Can You Protect Your Senior Patients?

A simple cybersecurity training program will teach your residents how to handle a range of potential situations:

  • How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
  • How to use social media without exposing data and other assets to external threats by accident.
  • How to act when they suspect that an attack is occurring or has occurred.

A key area of focus should be phishing, a hacking technique that “fishes” for victims by sending them deceptive emails. Virtually anyone on the internet has seen a phishing attack.

Phishing attacks are mass emails that request confidential information or credentials under pretenses, link to malicious websites or include malware as an attachment.

Once you know what they’re like, these emails are easy to spot…

Teach Senior Patients To Identify Phishing Emails

  1. Incorrect Domain: Before even taking a look at the body of the message, check out the domain in the sender’s address. Maybe they claim to be from your bank, or a big name company – but talk is cheap.It’s much more difficult to spoof an actual domain name, and so it’s more common to see domains that are closer, but not 100% correct. If it seems fishy, it probably is.
  2. Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it actually leads. While it may look harmless, the actual URL may show otherwise, so always look, and rarely click.
  3. Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
  4. Urgent and Threatening: If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
  5. Attachments: Phishers will often try to get you to open an attachment, so, if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.

Technology is too powerful and convenient a tool for your residents to go without. When used properly, modern technology will allow them to communicate with loved ones, spend their free time learning and engaging with new content on a variety of platforms, and maintain a degree of independence and competence during this stage of their life.

Don’t just be HIPAA compliant – go a step further and help your residents learn how to use technology effectively and safely.

Design & Developed by Himel Shahriar