Is My Health Information Safe?
Crime runs rampant! If a hacker has my health information, chances are high they can get yours, too. Frankly, if they have mine, I find that less disconcerting than somebody having access to my credit card and bank accounts. Perhaps if I were a senator or a member of the president's cabinet, I might feel differently...as you may feel also. I may not care who knows I have three stents in my heart or that I have a history of being treated for anxiety. That senator or cabinet member, however, may have a very unpopular disorder and want that knowledge guarded zealously.
The idea behind hacking computers to get data is to turn it into money, and people are pulling down big bucks for sharing certain data with certain people! Apparently, holding data hostage is getting to be a popular pastime these days. I ran across a bundle of opinions about what the future holds recently in Healthcare Technology News for we who are interested in Electronic Medical Records (EHRs), and the article on healthcare hacking by Mark Kadrich set my imagination wandering. How can we improve security to healthcare systems?
In this industry, we need to make no mistake about it, consumers' health information need to be secure, and it's the professional's responsibility to make sure security measures are in play...their tools are stringent password security and all that magic software that runs in the background to keep hackers out of systems. Electronic Health Record (EHR) software is currently regulated by some pretty stringent laws, and I've thought we had done pretty well in guarding healthcare data against hackers. HIPAA, data encryption, complicated schemes for patient Release of Information (ROI) and other measures combine into quite a net of security, right?
One hospital I worked with required me to negotiate three different security systems to get to the database I needed to work on. Even with all those levels in place, they recently suffered a virus attack that took a couple months to recover from. The good news is that from the recovery, they ended up with better EHR protection. It was, however, quite an expensive way to earn wisdom. A visit from a security expert and a system security tuneup might be a better solution. It pays to hire the professional, and a couple years ago a friend of mine graduated from a professional education program as an expert in system security; it's a very specialized and valuable vocation…he got a job within weeks of graduating, and earns his tremendously increased salary
Healthcare Professionals are being encouraged to protect their consumers' data with yet more security measures, even to the PC level and for SmartPhones. There are a ton of solutions out there. Without a careful analysis of your needs, what's been effective and ineffective, which companies have a good track record of improving their products when a customer's data is compromised, and a number of factors, who can say what's best for you? The salesperson? Perhaps.
I am occasionally put in the uncomfortable position of recommending products and services like this, and frankly, I recoil as from a hot flame...there are plenty of security experts out there (like my friend), so I bring one of them into the equation. Technology changes by the minute, and I have enough work to do keeping tabs on EHR products and development. It's like laundry...I hire a professional because if I handle it myself, I'm bound to end up with an irremovable stain.