...points mean open windows for hackers and data thieves to crawl into–and profit from. We at TTA have been following healthcare-related data breaches and medical identity theft issues for at least two years, with our latest two months ago here on the exploding black market. When medical records’ black market value is estimated at an average of $50 per record–94 percent of health care organizations have had at least one breach in the past two years–and 2 million Americans were medical identity theft victims in 2011–it’s one unpleasant ‘pointer to the future.’ This Editor will let the latest mass media... Continue Reading
Search Results for data breach
Medical identity theft hits new highs
...per individual Worse, the loss of health records led to misdiagnosis (15 percent of respondents); mistreatment (13 percent); delay in treatment (14 percent); or were prescribed the wrong pharmaceuticals (11 percent). But 50 percent of victims do nothing about it. As we’ve mentioned before, health records are alluring because of the value of information contained (DOBs and SSIs). HealthcareITNews, iHealthBeat, Ponemon Institute/Medical Fraud Alliance 2013 Survey (free copy with information). Previously in TTA: The exploding black market in healthcare data (ID Experts’ 10 year study and our TTA ‘Into The Breach’ Awards); Healthcare data breaches show 25% fraud risk: study... Continue Reading
The exploding black market in healthcare data
...Unencrypted connections potentially expose sensitive and embarrassing data to everyone on a network. Nearly three-fourths, or 72%, of the apps we assessed presented medium (32%) to high (40%) risk regarding personal privacy. The apps which presented the lowest privacy risk to users were paid apps. This is primarily due to the fact that they don’t rely solely on advertising to make money, which means the data is less likely to be available to other parties. Previously in TTA: VA networks breached from overseas, Healthcare data breaches show 25% fraud risk, QSing security and statistics (March), NHS data breaches and more.... Continue Reading
Telehealth Soapbox: Negotiating a Vendor’s Limitation of Liability Clause
...it seems inherently unfair that you should pay unlimited amounts of money to a third party because of something your vendor did, but then your recovery is limited by your contract. Yet another common carve out is an exclusion from the limitation of liability relating to your vendor’s breach of their (hopefully heavily negotiated) IT security and privacy obligations in the agreement. If your vendor suffers a data breach and your customer’s personally identifiable information winds up on the Internet, your vendor should be on the hook for the total amount of damages, not some arbitrarily capped amount. Cleaning up... Continue Reading
Healthcare data breaches show 25% fraud risk: study
For healthcare institutions, that data breach can really cost. Javelin Strategy & Research has been tracking the cost of data breaches, including healthcare, for the past ten years. Using its data across all their industries tracked (data here), the threat of identity fraud as of 2012 is up to 1 in 4, from 1 in 9 in 2010. In commenting on the big breach last year at the Utah Department of Health (780,000 records, TTA 22 Dec), a Javelin spokesperson has made some news by estimating the additional fraud cost at $406 million–and that is in addition to the estimated... Continue Reading
EHR backlash brewing. But one day, you’ll mine the data
...the EHR business model–not with hundreds of practice EHRs fighting for miniscule share. Also HealthcareITNews. Related articles: Confusion, consolidation and collapse, More EHR misery: EHR payment cutoff, data breach, Revealed: Hospital EHRs lobbied for stimulus funding But no worries, at one point the mining of data–the analysis of ‘big data’ generated on patients–will come from those same EHRs. Privacy concerns of course but this data can be invaluable for research: quick clinical feedback, comparative effectiveness, clinical trials, epidemiology, social acceptance of medication and similar. John Sharp in iHealthBeat reviews Electronic Health Record Data Mining — Is It a Dirty Word?... Continue Reading
Kaiser health records kept in unsecured warehouse, private home
Kaiser Permanente may–or may not–have fully dodged a near-atomic data breach of over 300,000 patient records and more. A now-public dispute between Kaiser and a vendor which stored records for some of their Southern California hospitals has put Kaiser in the hot seat for its practices with both the California Department of Public Health and US Health and Human Services (HHS). This long-time vendor was sued by Kaiser initially for not returning all records after the contract ended, and for storing records in questionable circumstances including a shared warehouse storing party rental items and a Ford Mustang, plus other records... Continue Reading
Telecare Soapbox: Northern Ireland’s ‘unhappy first birthday’ approaches
...the long list? If it were, I think we would have seen more progress by now. Perhaps that is why TF3 decided to nudge the process along and had an article (advertorial?) published in April’s AgendaNI. AgendaNI describes itself as “Northern Ireland’s leading public policy magazine, reaching over 7000 key decision makers in government, business, voluntary and community sectors”. However, other bidders complained that this was indirect canvassing, which is a serious breach of procurement protocols. Following this, Tunstall and S3 seem to have rapidly pulled information about TF3 from their websites, but Fold, at the time of writing, still... Continue Reading
Most Recent Comments