Steps to strengthen cyber defenses in senior care facilities

Imagine a nurse who checks her email during a busy shift and clicks a link labeled “Urgent: Resident Update.” In just a few minutes, your facility’s EHR system can freeze. You’re offline and your systems, email, and network need to be shut down. Billing stops and sensitive resident data is at risk.

This year alone, over 133 healthcare facilities experienced ransomware attacks. Of these facilities, 37% took more than a month to recover.

In senior care, cybersecurity isn’t just an IT or technology problem. It’s a shared responsibility. It’s about providing consistent care, maintaining trust through tech support and security programs, and ensuring compliance as threats continuously evolve.

The best defenses aren’t always the most costly or complex. Successful cybersecurity relies on awareness, teamwork, security and safety practices, and consistent habits. To gain a better understanding, we’ll explore:

Cyber threats targeting your facility right now

Ransomware and data hijacking

In senior care facilities, attackers know that health records and billing data are valuable targets. They take advantage of any weaknesses, whether it’s an unpatched server or endpoint, a misconfigured backup, or a user tricked into clicking a malicious link. The fallout from a breach isn’t just financial. Downtime can delay medication administration, disrupt meal delivery, and undermine trust with residents and families.

Unsecured devices and network-connected equipment

Many internet-connected devices, like smart monitors and wearable sensors, come with default passwords and often have weak or no data encryption. Each device can become an unmonitored doorway into your network. Attackers continuously scan for these gaps, using them to pivot into critical systems. Without regular security controls, such as monitoring and keeping system patches, server patches, and firmware up to date, the devices that should make care easier can put your facility at risk.

Phishing and human error

Human error remains the leading cause of healthcare breaches. A single click on a cleverly disguised email link can grant attackers full network access. Phishing attacks often look like messages from familiar vendors or internal communications. If your team doesn’t know how to spot red flags or follow reporting procedures, what begins as a benign-looking message can quickly escalate into a widespread security incident. Every user is part of your best early warning system. Recognizing and reporting anomalies is key to reducing security risk.

Legacy systems and outdated software

Many facilities still rely on EHR platforms, devices, computers, and servers that no longer receive security patches. Unsupported software allows cybercriminals to exploit publicly documented vulnerabilities. This makes network segmentation and virtual patching essential. Without them, outdated systems become a liability that puts your entire network at risk. Criminals look for the easiest way into their target. It’s like protecting your house—you want to make your house harder to get into than your neighbor’s.

Common cybersecurity misconceptions

A lot of facilities believe that buying the latest security tool solves all problems. But technology alone can’t replace human oversight. Automated monitoring can flood you with minor alerts, but without manual review and clear reporting protocols, real threats get buried.

Others might think cybersecurity is only an IT concern. But a billing clerk clicking a link or a nurse plugging in a personal USB device can trigger an incident.

Some providers feel they’re too small or too busy to make security a priority, relying on healthcare compliance standards. However, even modest investments in multi-factor authentication, basic backups, role-based access controls, and training and awareness can reduce risk dramatically.

Steps to strengthen your cyber defenses

Step 1: Take inventory of what you have

Begin by cataloging every system, device, application, and data repository in your facility. Include your EHR, billing platforms, vendor‐access portals, etc. A simple spreadsheet-based inventory can reveal forgotten servers, legacy devices, critical vendors or partners, and external logins that need review. That way you know exactly what requires protection and can prioritize your efforts based on risk and business value.

Step 2: Educate and empower your people

Create a training and security awareness program that includes every team member, educating them on the basics of threat recognition and reporting. Staff become active defenders through short, role-specific sessions on phishing emails, good password use, and flagging suspicious incidents. Reinforce that training regularly so security stays top of mind.

Step 3: Enforce strong access controls

Require multi-factor authentication for all administrative accounts, remote access points, email, and EHR logins. Affordable options are available from major identity providers at little to no cost. Pair this with role-based access so staff can only reach the systems they need, while removing access for former employees or contractors. If possible, monitor activities so errors or intentional acts can be identified and responded to.

Step 4: Keep systems up to date

Establish a routine for applying security patches across operating systems, third-party applications, and device firmware. When equipment can’t be replaced right away, isolate it on a segmented network or apply virtual patching. Consistent updates turn potential vulnerabilities into closed doors.

Step 5: Back up your data and test recovery

Implement reliable, encrypted backups stored offline or in a secure cloud environment to ensure you can recover from a ransomware attack. Schedule quarterly recovery drills to verify your restore process works. Without testing, you may find that a backup is corrupted or incomplete just when you need it most.

Step 6: Conduct regular audits and reviews

Make security audits a continuous improvement tool. Start with internal risk assessments of configurations and policies, then expand to applications and network access points. Later, add third-party risk management and incident response readiness. Use audit findings to fine-tune your defenses. Focus each review on the highest-risk areas rather than checking boxes.
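
To show how the spreadsheet inventory from Step 1 can drive the checks in Steps 3 through 5, here is an added example (not MatrixCare code) that reads an inventory exported as CSV and ranks assets by open findings. The column names, sample rows, 30-day patch threshold, and the scoring formula are all assumptions made for this illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory; column names and values are assumptions.
SAMPLE_CSV = """asset,supported,last_patched,mfa,segmented,last_restore_test,value
EHR application server,yes,2025-05-20,yes,no,2025-04-15,5
Billing workstation,yes,2025-01-10,no,no,n/a,4
Legacy vitals monitor,no,2023-03-01,n/a,no,n/a,3
Vendor access portal,yes,2025-05-28,no,no,n/a,4
File server,yes,2025-05-25,yes,no,,5
"""

PATCH_MAX_AGE_DAYS = 30    # assumed patch cadence; set to your own policy
RESTORE_MAX_AGE_DAYS = 92  # roughly one quarter, per the quarterly drills in Step 5


def review(row, today):
    """Return the list of findings for one inventory row."""
    findings = []
    if row["supported"] == "no":
        # Step 4: equipment that cannot be patched must at least be isolated.
        if row["segmented"] != "yes":
            findings.append("unsupported and not segmented")
    elif (today - date.fromisoformat(row["last_patched"])).days > PATCH_MAX_AGE_DAYS:
        findings.append("patches overdue")
    if row["mfa"] == "no":  # Step 3; "n/a" marks assets with no login
        findings.append("MFA missing")
    tested = row["last_restore_test"]
    if tested == "":  # backed up, but a restore was never attempted
        findings.append("restore never tested")
    elif tested != "n/a" and (today - date.fromisoformat(tested)).days > RESTORE_MAX_AGE_DAYS:
        findings.append("restore test overdue")
    return findings


def prioritize(csv_text, today):
    """Rank assets with findings by (number of findings x business value)."""
    ranked = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        findings = review(row, today)
        if findings:
            ranked.append((len(findings) * int(row["value"]), row["asset"], findings))
    return sorted(ranked, key=lambda item: item[0], reverse=True)


if __name__ == "__main__":
    for score, asset, findings in prioritize(SAMPLE_CSV, date(2025, 6, 1)):
        print(f"{score:>2}  {asset}: {', '.join(findings)}")
```

Run against the sample rows, the billing workstation ranks first because it carries two findings, while the EHR server drops off the list because it has none.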

Spotting the vulnerabilities and closing the cracks

Shared logins and guessable passwords are a hacker’s dream. Maybe you’ve even had a password stolen and found out it was made available on the dark web. Enforce passphrases that are unique, difficult to guess, and regularly rotated. Eliminate shared accounts by assigning role-based credentials so every user has an individual login.

Third-party applications can become vulnerabilities. Vet every vendor for security certifications such as SOC 2 or ISO 27001. Limit access to only what’s needed and include incident-notification clauses in contracts to ensure you’re alerted immediately if their systems are breached.

Avoid potential chaos from a breach by cultivating a culture that’s cybersecurity aware. Reward employees for flagging potential threats to encourage vigilance and provide a clear reporting channel. Develop a concise response plan that defines roles, escalation steps, and communication templates. Run routine tabletop exercises to ensure everyone knows exactly what to do when an incident occurs.

Turning awareness into action

Cybersecurity is a shared responsibility that demands a culture shift, not just an upgrade to the newest security tools and services. Avoid common pitfalls like relying on single tools to provide complete coverage or making it just an IT problem. Successful cyber defense doesn’t need to be costly or complex. High-impact measures such as device management, employee training, multi-factor authentication, and regular reporting can dramatically reduce risk.

Looking ahead, AI-driven threats will demand even greater vigilance. But a strong security culture lays the groundwork for adapting to tomorrow’s challenges. Building resilience now improves protections for residents and staff and reinforces trust in your facility’s commitment to safety.

At MatrixCare, we build security into our products and services. We believe cybersecurity is a priority that should be shared across the industry, and our team is committed to supporting providers in their own security efforts. Don’t wait until it’s too late to strengthen your facility’s defenses.

See how our experts can help you collaborate safer and keep your operations secure. 

Todd Friedman

Todd Friedman is Chief Information Security Officer at Resmed, leading enterprise and application security, global risk and compliance, IT risk management, product security, and cloud security. He has 20+ years in information risk, security management, and IT leadership across healthcare, consumer products, entertainment, and insurance. A Los Angeles native, Todd holds an MBA from UCLA and a BA from UC San Diego. He is certified as a CISSP, CISM, CIPP, and CRISC.
