Healthcare IT faces a new enemy
Black-hat hackers have been a threat to business for as long as there's been something worth stealing. Where healthcare is concerned, the most valuable prize has usually been medical or credit data, sometimes both, particularly if the patient was rich or famous.
These days, it seems healthcare providers are looking at a new wrinkle in the hacker-hackee relationship. In short, it seems there's a new breed of crook focused tightly on stealing medical identity. As this week's story on Express Scripts suggests, these criminals are well aware that people's medical identities are valuable assets for several reasons, including:
* Someone can pile up big bills in your name if they steal that name.
* You can't get the right care if your medical data is incorrect or references the wrong person.
* Your medical record often contains important financial information.
Brazen attempts at extortion like the one engaged in by the Express Scripts attackers isn't likely to become a standard approach. After all, it's much riskier to play cloak and dagger like that than it is to quietly, quickly steal identities and resell them to an equally unscrupulous third party. However, given the stakes involved, you can expect to see other forms of high-visibility crime take place around medical identity data.
As this type of crime becomes more common, the healthcare IT department, not to mention finance and medical records, may face some new precautions. For example, physical security may have to get tougher if people are willing to make million-dollar threats over medical ID data. After all, what is a printout of 500 patients' data worth nowadays? A lot, clearly.
On the IT side, it may also mean that architectures are going to have to change, particularly if they're built to assume that financial and medical data must be held under strict security--but that identity information isn't as vulnerable. As readers know, this can be time-consuming, so brace yourself.
The bottom line is that these nasty customers who steal medical identity data may foster a further shift in how the industry thinks about its data, what needs to be secured and even how (perhaps to using biometrics for all patient transactions). I, for one, am eager to see how IT departments address this one; it's going to be a doozy. - Anne
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map
| Editors | List in Marketplace | Supplier in MarketplaceTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2011 FierceMarkets. All rights reserved. |
 |
