According to risk consultancy Kroll, cyber attacks on health organisations have risen 90% in the second quarter of this year compared to the first three months of 2022.
Cyber-attacks on healthcare providers can be costly – not just in monetary terms but also, and perhaps more importantly, in loss of trust. While the loss of trust is harder to quantify, the average cost of a cyber-attack in the UK, according to the National Cyber Security Centre, is £4,200, with over half of companies not insured to cover such losses.
In the US, a healthcare data breach can cost USD10.1 million on average, according to IBM Security’s annual Cost of a Data Breach Report. Notably, the healthcare industry comes out on top, ahead of financial services and pharmaceuticals – not a first place to be proud of.
In home care provision, a cyber attack creates downtime in the availability of digital services which has a detrimental impact on carers who are unable to access clients’ data when they need it the most. Time in the care sector has an importance and relevance that not many other industries share. Missed medication or missed care provision can rapidly escalate to a life-threatening situation.
This is why more than ever the industry has to come together to fight cyber criminals and ensure the safety of clients. So with that in mind, here’s what all providers should be considering.
ISO 9001 and 27001 certifications
These are the two key standards that all technology care service providers should have. ISO 9001 is the international standard that addresses the various requirements to ensure quality management of systems. ISO 27001 shows that an organisation has the right people, processes and technology to ensure the data it collects is protected and secure. Having these two certifications can show how seriously an organisation is taking consumer data safety and the quality of its service and systems.
Penetration tests
As cyber-attacks continuously evolve and become more sophisticated, with cyber criminals always on the lookout for new ways to carry out their attacks on a bigger scale, technology providers should have their clients run regular deep security and penetration tests on their systems. This supports a proactive approach to cyber-attacks and gives users feedback on any needed improvements.
Support small care providers
It is often thought that small firms are less secure as they don’t have the same IT infrastructure, and have fewer resources and smaller budgets that don’t always allow them to check the level of security needed themselves. These are the firms that can benefit from the protection that technology providers – who hold those industry certifications mentioned above – can offer them.
We follow the principle that security should be embedded in any product or service “by design and by default”, i.e. from the ground up rather than added as an afterthought or later down the line.
By putting the responsibility of ensuring systems are secure and that rigorous data protection measures are in place in the hands of technology providers, care providers can focus on what they do best: provide the best care service for clients and their families.
Robust security and back-up systems along with rigorous data protection measures mean that we can offer carers, clients and their families greater peace of mind. You also know that your care management system is fully compliant with all the essential data protection and cyber security measures to ensure best-in-class online safety. At CareLineLive we take security and protection of data extremely seriously. Our systems are continually monitored for security vulnerabilities and this level of scrutiny has meant the CareLineLive platform has not had any cyber security incidents to date in 2022.