Public Wi-Fi Security for Senior Care: 4 Tips for Keeping Patient Data Safe
As the baby boom generation enters the Senior Care market, skilled nursing, assisted living and other facilities that serve to the senior population face a new challenge. They have to meet the technology-access expectations of tech-savvy patients and their families. Wi-Fi access is now an essential part of the service mix for residents and visitors.
Since these are healthcare facilities, though, HIPAA compliance and patient-safety issues are even more paramount. Roaming caregivers require their own Wi-Fi access to electronic health record (EHR) or electronic medical record (EMR) systems. Monitoring, alerting and other systems that directly support care delivery might also connect via Wi-Fi. Unsecured guest and resident devices connecting to the same network as medically critical devices present a huge risk.
Here are four tips for safely making Wi-Fi available for senior patients and residents, visitors and guests while preventing compromises and addressing the compliance issues.
1. Use business-class Wi-Fi technology to segregate the networks. Business-class technology allows you to use separate Wi-Fi SSIDs to isolate networks. At minimum, create one for resident/guess access and one for caregivers/staff. Put the guest network in a DMZ or otherwise isolate its internet access and block access to the staff network. (Business-class technology is a must in a senior-care facility for reasons other than security. It generally delivers more-robust coverage than consumer-grade devices, including support for multiple access points.)
2. Enforce policies to keep the staff passphrase secure. Staff might be tempted to share their password with guests and residents, especially if the resident Wi-Fi enforces bandwidth throttling that limits data consumption. Discourage passkey-sharing by requiring a longer and more-complex passphrase for the staff network, while making the guest passkey shorter and easier to remember and enter. The best practice is to enact a written policy that prohibits sharing the staff passkey with residents or guests, or connecting their devices to the staff network.
3. Hide the Wi-Fi SSID for the staff network. By not broadcasting the SSID, it won’t show as a connection option. Moreover, if you don’t share the SSID with the staff, they won’t be able to connect any device on their own. This means IT personnel may need to occasionally help with getting equipment connected, but this is often easier than having to change the passkeys on all the devices later because residents are found to be connecting to the staff network.
4. Add an extra layer of sign-on security. Consider one or both of these options. MAC address filtering allows pre-authorized devices — and only those devices — to connect to the staff network. It can be difficult to administer, however. A much more effective and seamless approach is to use a single sign-on solution (such as Okta or Onelogin) that allows access only when a user enters their staff email address and password.
Of course, there’s more to compliance with HIPAA, HITECH and other regulations than just securing Wi-Fi access, but the tips above deal effectively with one of the biggest vulnerabilities that senior care facilities face.
If you would like to know more about security in a senior care setting, we’re here to help. You can learn more about FIT Solutions managed IT services for healthcare by calling us at (888) 339-5694.