Search Results for breaches

Is nothing private in your EHR? Another disturbing trend out of Swampland.

September 18, 2013 | by | Comments Off on Is nothing private in your EHR? Another disturbing trend out of Swampland.

...(abused) by other entities involved in ACA such as the IRS, state Medicaid databases and Social Security? How much of this data will accidentially leak out in non-deidentified files? Will breaches of millions of non-encrypted records become the norm? Another important and oft-overlooked factor is the additional workload on already overworked hospital and clinical staff, who presently struggle to get comprehensive vital data correctly into multiple fields and screens on present EHRs–a major pain point among many speakers and participants at this past week’s iHT2 Health IT Summit. Finally, there’s the patient. He or she will be pressed to answer,... Continue Reading

Medical identity theft hits new highs

September 14, 2013 | by | Comments Off on Medical identity theft hits new highs

...per individual Worse, the loss of health records led to misdiagnosis (15 percent of respondents); mistreatment (13 percent); delay in treatment (14 percent); or were prescribed the wrong pharmaceuticals (11 percent). But 50 percent of victims do nothing about it. As we’ve mentioned before, health records are alluring because of the value of information contained (DOBs and SSIs). HealthcareITNews, iHealthBeat, Ponemon Institute/Medical Fraud Alliance 2013 Survey (free copy with information). Previously in TTA: The exploding black market in healthcare data (ID Experts’ 10 year study and our TTA ‘Into The Breach’ Awards); Healthcare data breaches show 25% fraud risk: study... Continue Reading

FDA’s discouraging role in medical device security

August 8, 2013 | by | Comments Off on FDA’s discouraging role in medical device security

According to a Wall Street Journal report (unfortunately firewalled), hospitals are pointing a very long finger at medical device manufacturers for not updating software and leaving devices open to breaches. Yet the manufacturers readily cite FDA’s most recent guidance as prohibiting software updates and security patches without resubmitting their devices for approval–something a spokesperson for the FDA denies as long as the update is for cybersecurity only. If the draft guidance issued in June is actually finalized, it will go the distance in helping manufacturers and hospitals. Hospitals Say Device Manufacturers Resist Boosting Cybersecurity (iHealthBeat)... Continue Reading

The exploding black market in healthcare data

August 6, 2013 | by | Comments Off on The exploding black market in healthcare data

...conclusions are reinforced by the California State Attorney General’s report that 55 percent of breaches “were intentional intrusions by outsiders or by unauthorized insiders” and that healthcare breaches were the third largest in reported incidents. A counter-measure may be the Medical ID Fraud Alliance, a collaboration in progress that is planned to include the Federal Trade Commission, the Secret Service and the Veterans Administration. More in Amednews.com (published by the American Medical Association) Healthcare breaches due to criminal activity and plain error are becoming more common as well. All one has to do is bop over to Privacy Rights Clearinghouse,... Continue Reading

The ‘Wild West’ of 40,000 mobile apps

June 21, 2013 | by | Comments Off on The ‘Wild West’ of 40,000 mobile apps

...when by all reports they have changed direction [TTA 17 May]. 40,000 health-related apps and no easy way to know which ones work And while we are on the subject of FDA, now they are dealing with the strong possibility of cyberattacks on the data and systems of the very medical devices they are regulating. In a 13 June communication to manufacturers and providers, “Many medical devices contain configurable embedded computer systems that can be vulnerable to cybersecurity breaches”–the introduction of malware or unauthorized access to configuration settings–made worse by internet, mobile access and the infamous cloud. Government Health IT... Continue Reading

VA networks breached from overseas; 20 million records affected (US)

June 19, 2013 | by | Comments Off on VA networks breached from overseas; 20 million records affected (US)

...far more sinister nature. According to former VA Chief Information Security Officer Jerry Davis (now at NASA), the attacks continue from these countries, and according to Subcommittee Chairman Rep. Coffman, may include China and Russia. Testimony and evidence also revealed that those responsible for informing Secretary Shinseki may have understated the problem. The VA has certainly been taking its lumps with a Magic 8 Ball of late, with a derailed joint EHR project with the Department of Defense and wrangling on who’s leading integration [TTA 3 April; iHealthBeat]. VA Systems Hacked From Abroad, Was VA Secretary Misled About Breaches? (HealthcareInfoSecurity)... Continue Reading

WebRTC may revolutionise communications for older people – quietly and soon

June 6, 2013 | by | Comments Off on WebRTC may revolutionise communications for older people – quietly and soon

...Well, those readers using Chrome and the latest Firefox beta browsers already have that capability and a long article (6 web pages) in CIO.com speculates that other browsers (with the exception of Apple’s?) will not be far behind. With WebRTC, Real-Time Communications Come to the Browser. The article gets very techie half way through but, for the context of care, there is an important point towards the end – the WebRTC protocol requires the user to give permission for the browser to access the microphone and webcam, which will allay concerns about breaches of privacy. Hat tip to Sande Olson.... Continue Reading

Healthcare data breaches show 25% fraud risk: study

April 30, 2013 | by | Comments Off on Healthcare data breaches show 25% fraud risk: study

For healthcare institutions, that data breach can really cost. Javelin Strategy & Research has been tracking the cost of data breaches, including healthcare, for the past ten years. Using its data across all their industries tracked (data here), the threat of identity fraud as of 2012 is up to 1 in 4, from 1 in 9 in 2010. In commenting on the big breach last year at the Utah Department of Health (780,000 records, TTA 22 Dec), a Javelin spokesperson has made some news by estimating the additional fraud cost at $406 million–and that is in addition to the estimated... Continue Reading

Prediction: big data saving big money

April 30, 2013 | by | 1 Comment

A pointer to the (US) future from the (UK’s) Emma Byrne in Forbes; four developments which will lower cost of care in the near future are big data accessible in patient data warehouses, used in personalized/predictive medicine, wellness maintenance and just-in-time medicine. No cautionary notes here about data breaches, which affect an average of 2,700 records for an average price of $2.4 million, but savings of 10 percent (or $900 per person) isn’t hay either. Scientists Save Healthcare (But They’re Not From Med School) Update 30 April: If you are one of the many who wonder what Big Data really... Continue Reading

Quantified Selfing: security and statistics

March 25, 2013 | by | Comments Off on Quantified Selfing: security and statistics

It was inevitable, but now there’s concern about your QS data’s security and hacking. With healthcare organizations having security breaches rather routinely (wander over to the Privacy Rights Clearinghouse), the Federal Government routinely fighting off ‘denial of service’ assaults and Facebook, Apple, Twitter and Dropbox joining the hacked club, how long will it be before a fitness or telehealth company is breached? Or hospitals/providers which use insecure messaging, Skype and data files? Or those 600-odd practice EHRs? From the article, Avi Rubin, the director of the Health and Medical Security Lab at Johns Hopkins University: “Any system that consists in... Continue Reading