Tuesday, August 19, 2014

Data Breach by Chinese Hackers Exposes 4.5 Million Health Care Records

Hacker.jpg
 
I learned recently that the most valuable piece of data on the illegal market is not a Social Security Number or a credit card number, it's a health care record.  I was told that currently SSN's or CC's are worth about fifty cents while a medical record is worth about eleven dollars.  That's right, it takes 22 SSN's to equal ONE health care record.
 
With all of that being said, I saw a story today that Community Health  Systems (CHS) filed an 8-K regulatory filing with the U.S. Securities and Exchange Commission (SEC) in which it disclosed that somewhere between April and June 2014 the company suffered a data breach that affected roughly 4.5 million individuals.  The company that CHS hired to investigate the breach, stated that "In this instance the data transferred was non-medical patient identification data related to the Company's physician practice operations and affected approximately 4.5 million individuals who, in the last 5 years, were referred for or received services from physician affiliated with the Company".  However, CHS states that credit card data was not included in the stolen data.
 
Now that doesn't sound so bad… I mean no medial info & no credit card info was stolen.  However, sometimes it's telling what they are not saying.  I'm willing to bet that what WAS taken could easily be: name, address, phone numbers (including mobile, which opens up another whole can of worms), medical insurance info, perhaps next of kin info, perhaps mother's maiden name, among other things.  Also, while the medical info not released may be health history, they do say the patients were referred and if the referral info is included, that could certainly tell you a lot about a person's health… for instance a referral to a diabetic counseling service would allow one to make some basic assumptions about a person's health status...
 
This is one more reason to make sure that YOUR office data is secure.  A good dental IT provider such as Goetze Dental or Solution Start  can go a long way to make sure that your office is as secure as possible.  Add to that using a secure email system such as Aspida to help protect patient data between other providers can help as well.
 

Post a Comment