Tag Archives: Medical Privacy
Report: Medical data breaches are rising, with no end in sight
by Victoria Colliver, San Francisco Chronicle
These health data attacks give hackers all the information they need to assume a patient’s identity, launch targeted “phishing” attacks, clean out bank accounts and commit crimes under the victim’s name, said Pam Dixon, executive director of the World Privacy Forum, an arm of a nonprofit public interest research group in San Diego County. “What we have found with working with victims of medical identity theft is that most don’t find out for about two years,” Dixon said. “The sophisticated criminals who are committing these crimes are waiting to act on the data so there is less risk of being caught.” Read More ›
Anthem Hack: Could The Insurer Have Prevented It?
by Matt O'Brien, San Jose Mercury News
[Critics] say encrypting personal data could have helped. “They claim it’s the expense. Really, there’s no excuse,” said Beth Givens, founder and director of San Diego-based Privacy Rights Clearinghouse. “They don’t want to take the time and effort to decode it.” … Anthem’s breach affected up to 80 million people, far more than the 37.5 million actually covered by the insurer as of December, according to the company’s most recent earnings report. Those hacked included not just Anthem employees but also many former Anthem subscribers, many of whom long ago dropped the insurer. Read More ›
Anthem Hacked; Health Insurance Data On Up To 80 Million Exposed
by Chad Terhune and Ryan Parker, Los Angeles Times
“If confirmed, we are dealing with one of the biggest data breaches in history and probably the biggest data breach in the healthcare industry,” said Jaime Blasco, vice president and chief scientist at AlienVault, a San Mateo, Calif., information security firm. “For individuals, in a few words, it is a nightmare,” he said. “If the attackers had access to names, birthdays, addresses and Social Security numbers, it means that information can be easily used to carry out identity theft schemes.” Read More ›
FTC Calls For Strong Data And Privacy Protection With Connected Devices
by Natasha Singer, The New York Times
Last year, for instance, an electronics company that marketed what it said were “secure” Internet-connected cameras, allowing parents to remotely monitor their babies, settled a complaint by the F.T.C. that lax security practices had exposed its customers to privacy invasions. A security flaw allowed anyone with the cameras’ Internet addresses to view, and in some cases hear, what was happening in customers’ homes. Read More ›
The Big Business Of Selling Prescription-Drug Records
by Jordan Robertson and Shannon Pettypiece, Businessweek
Now that data mining has enabled pharmacy companies to adopt the practice, some critics say technological advances are undoing protections provided by the Health Insurance Portability and Accountability Act, the federal medical privacy law. … Matchbacks have solved one of Big Pharma’s biggest marketing headaches: the layers of physicians, pharmacists, and insurers that stood between drugmakers and patients in the past. “This is the holy grail for every pharmaceutical company, to know that there’s a way to look back to actual script information,” says targeted-ad pioneer Helene Monat. Read More ›
Hacked vs. Hackers: Game On
by Nicole Perlroth, The New York Times
The impact on consumers has been vast. Last year, over 552 million people had their identities stolen, according to Symantec, and nearly 25,000 Americans had sensitive health information compromised — every day — according to the Department of Health and Human Services. Over half of Americans, including President Obama, had to have their credit cards replaced at least once because of a breach … . But if there is a silver lining to the current predicament … security experts say it is that computer security, long an afterthought, has been forced into the national consciousness. Read More ›
The Creepy New Wave of the Internet
by Sue Halpern, The New York Review of Books
Apple offered a glimpse of how the Internet of Things actually might play out, when it introduced the company’s new smart watch, mobile payment system, health apps, and other, seemingly random, additions to its product line. As Mat Honan virtually shouted in Wired: “Apple is building a world in which there is a computer in your every interaction, waking and sleeping. … telling you how many steps you took, how high you climbed and how many calories you burned. … THIS IS THE NEW APPLE ECOSYSTEM. APPLE HAS TURNED OUR WORLD INTO ONE BIG UBIQUITOUS COMPUTER.” Read More ›
Internet of Things Will Transform Life, But Experts Fear for Privacy
by Steve Johnson, San Jose Mercury News
Although people already reveal much about themselves through their Internet searches and social media posts, that’s nothing compared with the trove of personal data likely to be disclosed by the Internet of Things. … The personal data revealed could include everything from your friends, hobbies and daily routines to your political views, religious affiliation and even your sexual activities. Your politics might be disclosed if you routinely watch like-minded programs on your Web-connected TV and use your personal robot’s videoconferencing capabilities for online meetings with a group that shares your views. Read More ›
Data Breaches in California Jump and Are Expected to Keep Climbing
by Andrew Khouri, Los Angeles Times
Security experts predict that the number of breaches, especially on a big scale, will keep growing. “The data breaches are going to continue and will probably get worse with the short term,” said Jim Penrose, former chief of the Operational Discovery Center at the National Security Agency. … Another vulnerable sector is the healthcare industry. Stealing medical records can be more “insidious” than stealing other data because they can be used for identity theft and fraud over a longer stretch of time. Read More ›
Lawyers Ask Supreme Court to Review Medical Data Breach Case
by Marisa Kendall, The Recorder
A thief broke into Sutter Medical Foundation’s Sacramento office in 2011, smashing a window and stealing a computer that housed records for 4 million patients. The data was password protected but not encrypted. The Third District dismissed the case on appeal, ruling the medical privacy statute was not triggered because plaintiffs lacked evidence the stolen information was actually viewed by an unauthorized person. Plaintiffs lawyers argue the affected patients suffered an invasion of privacy that constitutes real harm, even if it does not amount to quantifiable damages. Read More ›
L.A. County finds 3,500 more patients affected by data breach
by Abby Sewell, Los Angeles Times
Eight computers were taken from the Torrance office of Sutherland Healthcare Solutions, a company that handles medical billing and collections for the county, in February. The total number of patients affected is now about 342,000. County officials said the county is still reviewing Sutherland’s security procedures. So far, at least three lawsuits have been filed against the county over the data breach. Read More ›
Are electronic health records safe from the next heartbleed?
by Alisha Wyman, California Health Report
The discovery of the bug in early April coincided with the end of the sign-up period for the Affordable Care Act, which has relied heavily on web interaction with millions of consumers. Health care organizations are both desirable targets for cyber-criminals and less prepared than other sectors to protect against an attack, Internet security experts agree. Read More ›