Here is an interesting article in Politico titled, Electronic health records ripe for theft.
What I found interesting is that most of the comments could have been made 10 years ago. What is wrong with the article is the claim that healthcare is due for breaches involving private health records for “hundreds of thousands of patients.” That has already happened. The writer draws comparisons to the big Target credit card breach. The only difference in healthcare is that the large breaches have not gotten the sensational, but appropriate coverage credit card breaches have gotten. The day of a Target style reckoning for healthcare is coming. I guarantee it.
Three other interesting quotes:
- As health data becomes increasingly digital and the use of electronic health records booms, thieves see patient records in a vulnerable health care system as attractive bait, according to experts interviewed by POLITICO. On the black market, a full identity profile contained in a single record can bring as much as $500.
- “Criminal elements will go where the money is,” said Wah, who was the first deputy national coordinator in the Office of the National Coordinator for Health IT. “They’re seeking health records not because they’re curious about a celebrity’s blood type or medication lists or health problems. They’re seeking health records because they can do huge financial, fraudulent damage, more so than they can with a credit card number or Social Security number.”
- Other health security experts say hospitals’ response to cyber security issues has been lackluster, with providers still focused on privacy and confidentiality rather than data terrorists.