{"id":4011,"date":"2015-03-18T09:27:40","date_gmt":"2015-03-18T13:27:40","guid":{"rendered":"http:\/\/www.khpi.org\/blog\/?p=4011"},"modified":"2015-03-18T09:47:30","modified_gmt":"2015-03-18T13:47:30","slug":"another-major-data-breach-for-a-health-insurer","status":"publish","type":"post","link":"http:\/\/www.khpi.org\/blog\/another-major-data-breach-for-a-health-insurer\/","title":{"rendered":"Another Major Data Breach for a Health Insurer."},"content":{"rendered":"

Hackers breached whatever firewalls and security measures were present at Premera Blue Cross based in Washington state.\u00a0\u00a0 The personal, financial, and now even medical information of some 11 million past- and present customers were accessed.<\/a> The breach may have occurred last May, was detected on January 29, but not disclosed to either the public or regulators until a few days ago.\u00a0 Nice job on the accountability front.<\/p>\n

I recently wrote abou<\/a>t an even larger breach of security at Anthem where the personal information of almost 80 million people was penetrated.\u00a0 It was not thought that medical information was compromised then, but how can one know for sure?\u00a0\u00a0\u00a0 I predicted we would be seeing more attacks on medical record and insurance databases but it is disappointing to see them coming on so rapidly.\u00a0 There are at least two driving forces or enablers.\u00a0 The first follows from Willie Sutton\u2019s law explaining his reason for robbing banks\u2014because that is where the money is.\u00a0 Some 18% of our gross national product fuels the healthcare industry\u2014 that is where the real money is.\u00a0 Medical fraud is part of that big business.<\/p>\n

The industry enabler is that accessing medical information seems to be so easy.\u00a0 If banks, other financial organizations, or for that matter governments cannot keep their digital records secure, why should we assume for a moment that our medical information will be any less vulnerable to prying eyes?\u00a0 Much has been promised about the value of having our computerized medical records available to us and everyone who takes care of us. We are told that \u201cbig data,\u201d the analysis of massive data sets, will revolutionize medicine and save us a fortune.\u00a0 More and more information is being collected with the goal of providing safe and effective medical care of high value and to reduce fraud. The assembly\u00a0and analysis of medical data is now a big business of its own.\u00a0 Everybody and their uncle wants access to the data\u2013 me included.\u00a0 There are any number of business \u201cpartners\u201d willing to comb through an institution\u2019s medical data for research, marketing, or business purposes. But to accomplish the above means making it transportable or available and there\u2019s the rub!<\/p>\n

Take computerized medical records.\u00a0 I never had to use them as a doctor, and there are many providers that love them, but we are getting more and more pushback from patients and providers alike as the downsides of switching to the digital medical encounter emerge. To make their use practical, providers can access medical records from home or their cell phones.\u00a0 If they can do it, so too can your geeky 14 year-old nephew let-alone a well financed medical voyeur. A major complaint about existing electronic medical record systems is that they do not talk very well to each other or to the insurers and regulators demanding information. \u00a0Attempts to expand accessibility for some runs the risk of further security comprise for all.<\/p>\n

To boast about my sagacity, I predict here and now, that we will have another multimillion-record breach of digital medical information security within 6 months.\u00a0 To demonstrate my confidence in this likelihood, I will accept the wager of a Martini in your favorite Louisville bar or mine.\u00a0 Alas, even if I win, we all lose!<\/p>\n

Peter Hasselbacher, MD
\nPresident, KHPI
\nMarch 18, 2015<\/p>\n

Share this:<\/h3>