In today’s technology environment all data is at risk. For many people, awareness of the danger starts and stops at the smartphone and laptop level. News stories have drawn ample attention to the possibility of devices been lost or left behind, making their contents readily available to those who might use them for less than savory purposes.
While the mobile-data issue has drawn headlines, a persistent risk to back office data has garnered less attention. Nonetheless, senior housing enterprises, like other businesses across the spectrum, face the real possibility of data breaches on an ongoing basis.
Faced with such a possibility, senior housing leaders need to wrap their heads around this situation, beginning with the simple query: Is your senior living community safe from a data breach?
There are several ways to approach the question including a review of back-end systems, an exploration of front-end capabilities, and ultimately close scrutiny of practices and procedures throughout the organization.
On the back end
Within a senior housing organization back-end systems may span a wide range of functions. Accounting software and systems will handle critical financial data. Human resource software will contain all wealth of personally identifiable information on staff members throughout the organization. Varying business software platforms may carry a range of privacy-protected health information on residence.
The first step toward ensuring the safety from a data breach is to conduct a thorough inventory of these systems. IT managers, often with the help of skilled outside consultants, need to tear into the nuts and bolts. Third-party software should be in compliance with industry norms. Tools built in-house should conform to common security standards.
Procedures should be in place to routinely update security and apply patches as needed. An audit should confirm that everything is up to date, and propose remediation for those areas in which data safety needs to be tightened up.
Forward facing systems
Moving to the front of the house, IT leaders need to examine those functions in which front-line staffers may be tapping into data that requires protection. Just because an HR system may be secured on the back end, that does not imply that the user interface is necessarily protected. Likewise, health information may be safely tucked away at the corporate level, but the software that facilitates the sharing of electronic health information with doctors’ offices and other parties may not in itself be secure.
All of these user-centric operations need to be scrutinized to confirm that secure information remains secure when it moves from the corporate environment out to forward-facing software implementations.
The people factor
Organizations need to ensure that their processes and procedures are rock solid when it comes to human involvement with critical data. Too often, data breaches come as the result of circumstances that could have been easily prevented. Employees must be trained to routinely change their passwords. They must know how to avoid suspicious websites and emails.
Is your senior living community safe from a data breach? Despite the escalating and ever-changing nature of the threats, it is indeed possible to take significant steps toward ensuring that resident data and corporate information do in fact remain secure. It all begins with a thorough and realistic assessment, starting with back office systems and moving out across all levels of the organization.