search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
A NEW AGE FOR CYBERSECURITY


you get an email from Best Buy claiming to be an invoice for a $500 Geek Squad service, you can call Best Buy directly to find out if this is a genuine e-mail or a scam. “Train your staff to step back and think before they react to a message,” Hyman said. If they do this, there is a good chance they will be able to identify scams.


Protecting Residents More than ever, your residents are using devices, often as many as your employees are. Some of these individuals are more tech savvy than others, so it will be useful to offer training sessions for people of various levels of knowledge and expertise. Invite family members to these programs too, as they will use their own devices to communicate with residents. “Promote technology good habits,” said Louderback, whether


Key elements of this plan and staff training are the definition


of a security breach, a description of what data is stored where, and how and how quickly you will notify stakeholders about the breach. It also is important, said Louderback, to classify data as low, moderate, or high alert. Low alert is that data that is already public information, while high alert is that information that is extremely private and sensitive. “It is critical to have formal processes in place as the cybersecurity


world gets more developed,” stressed Louderback. Currently, he noted, cybersecurity is sort of a “wild west.” However, legislation is in the works that will hold developers and sellers of technology liable for security issues. While staff and others must be trained on processes to prevent


cybercrime, Hyman said, “We all are only human, and people make mistakes.” Instead of penalizing someone for making a mistake that leads to a breach or other cybersecurity issue, they should be encouraged to report issues promptly. “The sooner they report it, the quicker it can be fixed,” Hyman said, adding, “If you are discouraging people from ‘see or do something, say something,’ you are creating a security situation.” Training may not eliminate all errors, said Hyman, but people can


be alerted to red flags to watch for, such as emails with poor spelling or grammar, suspicious URLs in email addresses, or texts or e-mails from someone you know that have a different tone or communication style than normal. “If I don’t recognize an email address or phone number, I will google it, and usually it’s a fake,” he said. It also may be possible to call a reliable source to validate a message. For instance, if


this is through monthly newsletters or training sessions, posters, or other platforms. “A lot of communities employee a resident tech helper or have IT ambassadors who are residents or volunteers’,” he noted. Some have TV channels that they can use to broadcast educational or instructive programs about cybersecurity. Hyman noted that there are fewer requirements for technology


and devices that aren’t regulated and don’t fall under HIPAA. “We need to make sure everyone – residents, families, and staff alike – is very careful when they do things like download apps and enter personal health information. There is nothing to prevent people from hacking into this unregulated technology,” he said. He suggested cautioning residents about using apps, software, or other programs that come from any sources besides a provider, payor, or FDA-approved entity.


Cybersecurity Starts Before You Take on Tech Ask all vendors of devices or technology how their products are secure and protected against cyberattacks. Talk about any and all risks with them and what they do to address them. Louderback said, “If cybersecurity isn’t on the forefront for them, it won’t be on the forefront for you. They should be able to describe their cybersecurity efforts in detail.” Cybersecurity needs to be on your radar every day. “Every time


a new device is introduced to the network, it needs to be audited immediately,” said Louderback. Find the biggest expert in the room, either internally or outside


the organization, to get data audit done on a regular basis. Look at every point of attack or vulnerability for every bit of software and hardware your community uses and have a comprehensive map for every bit of internal and external connection.


“The sooner they report it, the quicker it can be fixed, if you are discouraging people from ‘see or do something, say something,’ you are creating a security situation.”


— Louis Hyman, chief technology officer of Patient Pattern


24 SENIOR LIVING EXECUTIVE JULY/AUGUST 2023


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60