The potential risk for blackmail – think about your medical records when you are young. Are you ambitious to be famous?

Imagine you have a 1960s and Bohemian past, with many social and sexual diseases, and an ongoing need for treatment. You then become a “personality” and are famous, even to a small group of experts/aficionados. You could easily be blackmailed – over and over again. The thread to politicians and democratic freedoms is self-evident. The potential risk is for blackmail – think about your medical records when you are young. Are you ambitious to be famous? Do you trust our politicians to fund your future safety properly, and even if they do, to protect your confidential information? Remember you can opt out of planned sharing, by signing a form, or consider going privately and enhancing the two tier system.

Image result for medical fame cartoon

David Sanderson reported 3rd June in the Times: Health files worth more than bank details on the dark web

Patient records are now more valuable on the dark web than credit card details, it was claimed yesterday.
Sir Nick Partridge, the former deputy chairman of NHS Digital, told the Hay Festival: “Systems [to protect] are there but there’s a growing understanding that patient records are now much more valuable on the dark web than credit card ratings.
“They sell for more money so we can only expect this level of cyberattack to increase in a very fragmented NHS and it’s going to be a growing challenge.”
Last month computers at hospitals and GP surgeries were among thousands hit in a global ransomware attack that wreaked havoc on services. Sir Nick said that NHS Digital, the organisation’s information technology provider, had warned trusts of the dangers of cyberattacks a month earlier.
“What has gone unnoticed are the large number of hospital trusts that acted on that alert and protected their system and consequently didn’t go down,” he said. “Those that did [had] ignored that alert.” Dame Fiona Caldicott, the government’s national data guardian, told the festival she was unhappy that a report she produced last March at the government’s request about cybersecurity was shelved because politicians were distracted by the Brexit poll and aftermath. “If I use the word ‘impatient’ about how we feel about it not having been published, I think you will understand that.”

Other reports:

The Telegraph: Patient records more valuable to hackers than credit card details, NHS boss reveals 

 

 

 

Caroline Humer and Jim Finkle report in Boston for Reuters: Your medical record is worth more to hackers than your credit card

 

…The percentage of healthcare organizations that have reported a criminal cyber attack has risen to 40 percent in 2013 from 20 percent in 2009, according to an annual survey by the Ponemon Institute think tank on data protection policy.

Founder Larry Ponemon, who is privy to details of attacks on healthcare firms that have not been made public, said he has seen an increase this year in both the number of cyber attacks and number of records stolen in those breaches.

Fueling that increase is a shift to electronic medical records by a majority of U.S. healthcare providers.

Marc Probst, chief information officer of Intermountain Healthcare in Salt Lake City, said his hospital system fends off thousands of attempts to penetrate its network each week. So far it is not aware of a successful attack.

“The only reason to buy that data is so they can fraudulently bill,” Probst said.

Healthcare providers and insurers must publicly disclose data breaches affecting more than 500 people, but there are no laws requiring criminal prosecution. As a result, the total cost of cyber attacks on the healthcare system is difficult to pin down. Insurance industry experts say they are one of many expenses ultimately passed onto Americans as part of rising health insurance premiums.

Consumers sometimes discover their credentials have been stolen only after fraudsters use their personal medical ID to impersonate them and obtain health services. When the unpaid bills are sent on to debt collectors, they track down the fraud victims and seek payment.

Ponemon cited a case last year in which one patient learned that his records at a major hospital chain were compromised after he started receiving bills related to a heart procedure he had not undergone. The man’s credentials were also used to buy a mobility scooter and several pieces of medical equipment, racking up tens of thousands of dollars in total fraud.

MEDICARE FRAUD

The government’s efforts to combat Medicare fraud have focused on traditional types of scams that involve provider billing and over billing. Fraud involving the Medicare program for seniors and the disabled totaled more than $6 billion in the last two years, according to a database maintained by Medical Identity Fraud Alliance.

“Healthcare providers and hospitals are just some of the easiest networks to break into,” said Jeff Horne, vice president at cybersecurity firm Accuvant, which is majority-owned by private equity firm Blackstone Group.

“When I’ve looked at hospitals, and when I’ve talked to other people inside of a breach, they are using very old legacy systems – Windows systems that are 10 plus years old that have not seen a patch.”

KPMG partner Michael Ebert said security has been an afterthought for many medical providers – whether it is building encryption into software used to create electronic patient records or in setting budgets.

“Are you going to put money into a brand new MRI machine or laser surgery or are you going to put money into a new firewall?” he said.

Image result for medical fame cartoon

Advertisements
This entry was posted in A Personal View, Stories in the Media on by .

About Roger Burns - retired GP

I am a retired GP and medical educator. I have supported patient participation throughout my career, and my practice, St Thomas; Surgery, has had a longstanding and active Patient Participation Group (PPG). I support the idea of Community Health Councils, although I feel they should be funded at arms length from government. I have taught GP trainees for 30 years, and been a Programme Director for GP training in Pembrokeshire 20 years. I served on the Pembrokeshire LHG and LHB for a total of 10 years. I completed an MBA in 1996, and I along with most others, never had an exit interview from any job in the NHS! I completed an MBA in 1996, and was a runner up for the Adam Smith prize for economy and efficiency in government in that year. This was owing to a suggestion (St Thomas' Mutual) that practices had incentives for saving by being allowed to buy rationed out services in the following year.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s