The care insurance specialist

Cyber Threats in the Care Sector

Cyber Insurance2

GDPR

It’s been over a year since the General Data Protection Regulation (GDPR) rolled out and statistics show that almost a third of European firms are still not compliant. Centric to GDPR is information security and in an ever increasingly digital world Cyber security has to be taken seriously.

Indeed under the CQC’s “Safe” Category they now include technology in care and stipulate that GDPR amongst other regulations need to be adhered to. Failure to comply or burying your head in the sand will impact your registration and may result in action being taken by the Information Commissioners Office (ICO).

Known Threats

It’s important to have a basic understanding of the types of cyber threats which you need to protect yourself from. Whilst not an exhaustive list, here’s some basic terms you may have heard of and a description of what they actually mean;

Denial of Service (DOS/DDOS) Attack- (DOS) attack prevents users from accessing a computer or website. Also referred to as DDoS (distributed denial of service).

Malware-  A general term for malicious software which includes viruses, worms, Trojans and spyware.

Spyware- Software that permits advertisers or hackers to gather sensitive information about you without your permission.

Phishing Emails- Refers to the process of deceiving recipients into sharing sensitive information with an unknown third party.

Keylogging- The process of secretly recording keystrokes by unauthorised third party

Spoofing (Email)- Where a sender of an email address is forged for the purposes of social engineering

Social Engineering- Refers to the methods attackers use to deceive victims into performing an action, typically these actions are opening a malicious webpage or running an unwanted file attachment.

Future Threats

Cyber risks are in their infancy and new threats and exploits appear all the time, usually in response to the latest measures to minimise the current threats.

It’s important that cyber security reviews are undertaken on a regular basis and effort made to stay abreast of developments. Appointing a Data Protection Champion is essential and training and empowering that individual to ensure that you’re doing all that can reasonably be expected to prevent any unauthorised access to your data or your systems is key.

Online Care Records

Many Care services regularly access the NHS Care Records on behalf of their service users. Any access to such databases need to be controlled and protected to avoid your organisation being the result of a breach which could lead to a hefty penalty or litigation.

Aging Hardware

Like the motor vehicle you keep on the roadside which are more likely to fail an MOT or service the longer you keep them, computer equipment too requires attention and the odd tune-up on a regular basis. Your network will only ever be as security as your weakest (and often oldest) machine. When you’re considering updating the office laptop, don’t forget the dusty PC tower which lie hidden in the corner!

Internet of Things

An often overlooked exposure in the Care sector is the very technology which is being used to make residents safer and providing them with everyday comforts and a safe living environment. The Internet of Things relates to everyday items and tools which have been enhanced with internet connectivity. Examples are Smart Doorbell’s, Smart Locks, automatic lighting and heating etc. We often think that hackers will only attack computer systems and usually want to steal data, but what if the camera’s placed around the property are the computers and the footage the data? What if they’re able to track security codes via keylogging?

Considering the known threats above could you operate without access to;

Continuity planning is a key component to ensure your operations can continue in the event the access to your systems in compromised.

Enforcements for non-compliance with GDPR are happening and whether we like it or not all businesses have a degree of exposure which we’re responsible for minimising.

Whilst the buzz of GDPR has quieted down over recent months the new responsibilities remain as important as ever and it’s only a matter of time before a major incident is reported which gains mass media attention (and likely a hefty fine from the ICO). The message is clear, don’t become a headline, be proactive and take your cyber security seriously.

Other Articles

Welcome to Quality Care Insurance Services  Quality Care Does Comic Relief!  My Insurance won't cover flood  Immigration Law Compliance for Care Homes  Summer  The Insurance Act 2016  Nights are drawing in  Hurricane Season  QCIS joins the Cuckfield Christmas Tree Festival, 2016  Cyber Regulations  £221 raised for Macmillan  Sarah's 10 Year Anniversary   Team Member Complete's Tough Sh!t Challenge  Charity Christmas Song  Team Member Completes Cambodia Trek!  QCIS supports The Cuckfield Christmas Tree Festival  Charity Events  Care Home Success Story  GDPR  Fire!  GDPR- It's Here At Last!  Cyber Insurance- What will you get from us?  Cyber Insurance  Energy  Outstanding CQC Rating Group  Warning To All Care Home Owners  Changes to your Business  Skills for Care   Pollard's Promises  Pollard's Promises- i360!  Save on your Energy Bills This Winter  Top 10 Care Home Insurance Cover Mistakes  CareLine  Chartered Insurance Institute Exams  Cuckfield Christmas Tree Festival 2018  Save Money on Energy Bills this Christmas  Christmas Opening Hours 2018  QCIS partners with Essex Care Association  Utilitywise have gone into Administration  QCIS Supports Circus Starr!   Charity Business Awards  Care Conferences  Protecting Your Personal Assets  How will Brexit impact the Care Sector  Should Wi-Fi be a priority for Care Homes?  QCIS are British Insurance Awards Finalists!  QCIS is 10 Years Old!  QCIS Win SME Risk Initiative of the Year Award!  Guide to Under Insurance  Recruitment in the Care Sector  The Importance of Life Cover  QCIS Awards  Pollard's Promises- Colchester Zoo  CCTV in Care Homes   Care Homes being Prosecuted  Peru Trek for Chestnut Tree House  QCIS Win Schemes Broker of the Year!  The What, Why, How and When of Directors and Officers Insurance  Lorrie Reports On Her Inca Trail Challenge  Winter Months Risk Control  COVID-19 (Coronavirus) - QCIS Business Response  The Alarming Rate of Attrition in the Care Sector  Buildings Under Insurance -A Note of Caution