Three days – that’s how long a memory care facility lost access to every patient record, care plan and medication schedule. While residents needed care, staff dug through paper backups and families called asking if their loved ones’ private information was safe. It’s the kind of scenario that Scott Reese, working with senior care facilities at Echo Assurance, sees more often than he’d like. What happened here isn’t just one facility’s problem – it’s a warning for every healthcare provider handling sensitive patient data. With decades of experience, Scott recently shared some hard-learned lessons about keeping senior care facilities safe from cyber-attacks.
Rising Cyber Threats in Senior Care
Healthcare facilities are becoming a favorite target for cyber criminals, but many operators still brush off the risk. The numbers tell a sobering story. “Healthcare organizations saw 93% increase in cyber-attacks last year alone,” Scott points out, “with the average breach now costing facilities over $4 million.” Yet he keeps running into the same problem: facility operators who think it won’t happen to them. Working with Echo Assurance has given Scott a front-row seat to the growing cyber security crisis in senior living. Each new attack follows a similar pattern, yet facilities keep making the same mistakes. The wake-up call usually comes too late.
The days of getting by with basic security are over. “Multi-factor authentication is essential, but it’s just the starting point,” Scott emphasizes. He shares a recent success story that drives this point home: “One of our clients recently avoided a major breach because they had implemented a comprehensive endpoint detection system. The attack was stopped before it could reach the resident data.” Staff training isn’t just another box to check anymore – it’s becoming critical to factor in security. Cyber criminals are getting creative, using everything from fake vendor invoices to impersonated executive emails to target senior living staff. The human element of security can’t be ignored.
Three Steps You Can Implement This Week
Scott cuts through the complexity with three practical steps facilities can implement immediately. First, he stresses the importance of offline backups:
Offline Backup – “Set up offline backups of your critical resident data immediately, and I mean this week. Make sure these backups aren’t connected to your main network.” He’s seen too many cases where backup systems were encrypted along with everything else.
Testing Staff Readiness – “Run a phishing simulation test with your staff,” Scott advises. “Services like Know4 offer free tests you can run right now. Send a fake phishing email to your team and see who clicks. It’s eye-opening, and it gives you a clear picture of where you need to focus your training.”
Emergency Contact Lists – “Create a printed emergency contact list – yes, printed – with your key technology vendors, insurance contacts, and legal counsel. Put copies in multiple locations.” When systems are down, searching through encrypted computers for phone numbers isn’t an option.
The stakes in senior living are higher than in most industries. “In senior living, we’re not just protecting data – we’re protecting people,” Scott reminds us. “And that’s a responsibility none of us can take lightly.” His approach combines practical solutions with a deep understanding of the industry’s unique challenges. Scott keeps pushing facilities to take cyber security seriously before they learn the hard way. The facility he visited this week won’t forget their three days of chaos anytime soon. But maybe their experience can help others avoid the same fate.
Looking at the worried faces of staff and families during his visit, Scott sees more than just a technical problem. Each cyber attack threatens the trust that families place in these facilities. That’s why he keeps traveling, keeps teaching and keeps pushing for better security. Because in senior living, there’s no room for learning these lessons the hard way. To learn more about Scott Reese, check out his LinkedIn profile.
