eBook - ePub
Cybersecurity for Coaches and Therapists
A Practical Guide for Protecting Client Data
Alexandra J.S. Fouracres
This is a test
Share book
- 208 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Cybersecurity for Coaches and Therapists
A Practical Guide for Protecting Client Data
Alexandra J.S. Fouracres
Book details
Book preview
Table of contents
Citations
About This Book
This groundbreaking bookfilters downthe wealth of information on cybersecurity to the most relevant and highly applicable aspects for coaches, therapists, researchers and all otherpractitioners handling confidential clientconversations and data.
Whether working with clients online or face to face, practitioners today increasingly rely on the cyberspace as part of their practice. Through a solutions-focused lens, the book provides easy-to-apply practical advice and guidelines using non-technical language, enabling practitioners to mitigate the rising threat of cybercrime, which can no longer be ignored. By the last page the reader will have knowledge and awareness towards: securing devices, spotting financial fraud, mitigating the risks of online communications, operating more securely from a home office and handling a cyber event if one occurs.
Clear, concise, and easy to follow, this guide is a pivotal resource for coaches, therapists, researchers and all otherpractitioners protecting their clients and businesses.
Frequently asked questions
How do I cancel my subscription?
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlegoâs features. The only differences are the price and subscription period: With the annual plan youâll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weâve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Cybersecurity for Coaches and Therapists an online PDF/ePUB?
Yes, you can access Cybersecurity for Coaches and Therapists by Alexandra J.S. Fouracres in PDF and/or ePUB format, as well as other popular books in Business & Mentoring & Coaching. We have over one million books available in our catalogue for you to explore.
Chapter 1 Cybersecurity is here to stay
DOI: 10.4324/9781003184805-2
Introduction
The very nature of the work you do â which can involve delving into the most sensitive, protected and personal areas of a personâs life â means a need to protect all client data. Confidentiality and safeguarding clients are among the first basic things learnt by all coaches, therapists, counsellors, psychologists, researchers and practitioners in care-giving roles. This chapter presents an honest view of how these factors fit into todayâs technological world and outlines the foundations of why every practitioner needs to learn to be cybersecure if they want to keep client data safe as well as clientâpractitioner interactions secure (whether written or spoken).
After reading this chapter you will have more awareness on
The home office
Including an understanding of what a home office and working from home actually mean today on both sides â for you as a practitioner and for your clients. While some readers may be employed by a corporation, many may be self-employed, working from a home set-up or a small office with equipment set up by themselves. Others may be working both in a corporation and a home office set-up.
Why cybersecurity is important?
Demonstrated through a discussion of the growing threat of cybercrime, highlighting the reasons why you need to self-educate on how to combat this.
Why the healthcare sector is a target?
Through an explanation of why occupations that fall under healthcare are targeted by cybercriminals, a trend that does not currently show any sign of abatement.
*
Terminology and your role
For simplification, the term âpractitionersâ is used throughout the book to group everyone this book is aimed at: coaches, therapists, psychologists, counsellors, researchers and other professionals handling confidential client data. This choice was made purely to have one term to cover all the readers. The term âclientâ is similarly used to group anyone practitioners work with.
Definitions of the term âcybersecurityâ can vary, and often include references to protecting networks and devices. Overall, for the reader of this book, cybersecurity includes being able to detect, mitigate and stop vulnerabilities, risks or attacks on your devices, networks and data. It also covers knowing how to respond in the event of an attack occurring.
It is important to point out that, in todayâs world, it is unlikely that any practitioner has zero touch points to the cyberspace and works without any form of connected electronic device (computer, tablet, phone or other). This would require that you correspond with clients only through face-to-face communication, never on a phone or other electronic device, never over email and never over any communications software/apps. It would also mean you never store session notes, calendar entries or static data related to your clients on a computer, tablet, smartphone or other electronic device. Also, to be clear, data written offline on a device disconnected from a network does not make it âsafeâ from cybercriminals; it can still be taken if the device is stolen or when the device goes online again. As soon as you touch the cyberspace, you are open to the risks this book will lay out. The book further funnels all of this down, chapter-by-chapter, to the focus points relevant to the reader.
Other useful terminology to understand at this point is that cybercrime is often delineated into cyber enabled and cyber dependent. Cyber-dependent crimes are those that rely on electronic devices (both on the criminal and the victim side) and a network connection to execute the crime â at least initially (Europol, 2017). Ransomware (which will be covered later) is an example of a cyber-dependent crime. Cyber-enabled crimes are crimes executed via the cyberspace, but not fully reliant on it. An easy way to distinguish this is: could the crime be committed in another format offline (The Crown Prosecution Service [CPS], 2019)? For example, you can be scammed for money by someone talking to you face-to-face, or via some form of correspondence over a computer, the cyberspace just enables a new, escalated or alternative form of the scam.
These definitions prompt a very important reminder on cybersecurity for the audience of this book: practitioners have a responsibility to understand their role in reducing the âdependentâ and âenabledâ factors of these crimes through cybersecurity and their own awareness. As will be shown in Chapters 5â7, some cybercrimes rely on weak security, while others rely on a person falling victim to a story.
You are operating in occupations where the term âconfidentialityâ is one of the main foundations of working with a client. Ensuring this and protecting client information starts from the very first contact. Data should be understood as comprising anything related to a client, including all interactions. The bottom line is that the moment you handle, process or store data insecurely, which includes having a conversation insecurely, you leave a door open for a criminal or an opportunist â to obtain the data either through unauthorised access online or by physically stealing it offline.
Most accreditation bodies/associations practitioners are members of now include references to data security in their ethics codes and competency frameworks or other guidelines. However, these are often just references with limited interpretation of what is written. As a practical guide, this book, by applying the cybersecurity lens, gives the reader more insight into why these regulations are there â not only to protect clients but all of us. By incorporating practices to protect data, we also make our entire practice less vulnerable. This is vital because where practitioners work from the foundations of confidentiality and trust, criminals operate from the opposite side of the spectrum. Their strategies are built around finding vulnerabilities that will enable them to exploit victims, and the more sensitive the data, the more valuable it is.
With technology comes responsibility
Before the advent of computers, client data was vulnerable where it was, in the physical space where it was written or lay locked up in fireproof safes or cabinets, which meant that it could only be taken from that one place. Today, however, emails, calendar events and notes connecting a practitioner to a client are typically stored on devices that can be moved around and connected online.
The ease with which we can store data and make it portable, along with the increasing vulnerabilities in the cyberspace, has likely been part of why there has been an increase in privacy and data protection laws over the last decades (Solove, 2007). The challenge is that the cyberspace today enables more entry points for criminals and more extraction points for them to take your data and listen in on your conversations.
An important point to make here is that a breach of privacy or data occurs when any type of record is taken. One online session overheard by a stranger, one exposed chat message thread or the breach of a calendar app and all its records, including the names and contact information of clients, is enough to threaten exposure of your clients and even bluff that more information is held. As will be highlighted through a real-life story coming up in this chapter, the fear of what might have been exposed can be enough to create emotional responses in clients. The breach of trust factor is significant.
All these points said, working online today is not only unavoidable but also enables practitioners to potentially provide more services, more efficiently than before. Storing client information electronically means it is available from anywhere at any time, and engaging in digital communication may improve outcomes dramatically for some clients, who would otherwise struggle to attend onsite (for either practical or health reasons). So, while the realities of cybercrime will be pulled into focus in this chapter, do not let this deter you; rather, the information is being provided to firmly show why cybersecurity is here to stay.
Another important point is that not all cyberthreats will target your clientsâ data. Some will be aimed at extracting money from you, through scams aimed at your business or you as the practitioner. These are also unfolded in this book, along with how to spot and mitigate them. Learning how to mitigate these threats is arguably just as important as protecting your client data, because cybercrime and fraud can cause long-lasting damage either financially or personally â to the extent that it can then have ripple effects on clients, leading to a situation where the practitioner either needs to discontinue or close their practice.
A final note on the important role you play in this journey. When working with clients, human behaviour and cognition may often be important factors in choices and outcomes for them. Although cybersecurity relies on technology and tools, human factors play a crucial role there too, particularly against criminals who continuously will look for a way in, and do not have any boundaries. By understanding the why, what and how and starting to implement some good practices along with reading these chapters, you minimise your own vulnerability as well as the weaknesses in your technology set-up.
In summary, it is through taking an active part in learning about cybercrime, understanding how to spot red flags as well as setting up security tools, that you enable a holistic, more effective cybersecurity approach (Back & LaPrade, 2019). Through changing behaviours and practices you can also build further on what you learn in the future, and much of what you read here can also be adapted into your everyday, personal cybersecurity practices.
Why being fully offline is not actually a safer option
There is no silver-bullet solution to any of the cyberthreats or issues mentioned in this book, unfortunately. The reality is that if one source of income for a cybercriminal is closed off, they will explore a new modus operandi (MO), look for new ways in, find the next security flaw or vulnerable person to exploit. It can be tempting, then, to consider that taking an alternative route to cybersecurity is having a no d...