The recent hacker attack against Community Health Systems highlights concerns about patient privacy as hospitals, doctors and other providers move to use more electronic records.
Marketplace: Health Records Are An Easy Target For Identity Thieves
Community Health Systems, a large hospital operator, got hacked. The word is Chinese hackers stole some 4.5 million health records from the company. The files included everything from patient Social Security numbers to birth dates and addresses, a veritable goldmine of information for identity theft. Healthcare providers have been digitizing our records to make everything from treating patients to filing for insurance more efficient. But in their rush towards efficiency, cyber security has gotten lost, says Stephen Cobb, a security researcher at ESET (Kim, 8/19).
The Washington Post's Wonkblog: Health Care Data Breaches Have Hit 30M Patients And Counting
In this latest incident, hackers reportedly stole personal data from Community Health Systems patients, including their Social Security numbers, which is an especially coveted piece of information if you want to steal someone's identity. But it appears that patients' medical data and credit card numbers were not stolen in this case. Thanks to some tougher federal reporting requirements for health-care data breaches in recent years, we have a better sense of when patient information goes missing or might have been inappropriately accessed by someone (Millman, 8/19).
The Wall Street Journal’s CIO Journal: Health Care CIOs Boosting Security In The Wake Of Breaches
A recent string of high-profile data breaches is leading some health-care CIOs to modify their approach [to]cybersecurity. The new approach is partly influenced by executive boards demanding more communication from IT on security efforts. CIOs say they are implementing new security software and processes, hiring staff and meeting with their boards more regularly. But the industry may need to up its security spending to get results. Health-care providers generally have smaller IT budgets than private-sector companies (Boulton, 8/19).