Stories
Slash Boxes
Comments

SoylentNews is people

Health Care Providers – Not Hackers – Leak More of Your Data

posted by mrpg on Wednesday November 21 2018, @04:37AM   Printer-friendly
from the color-me-hacked dept.

upstart writes:

Submitted via IRC for SoyCow1984

Health care providers – not hackers – leak more of your data

Your personal identity may fall at the mercy of sophisticated hackers on many websites, but when it comes to health data breaches, hospitals, doctors offices and even insurance companies are oftentimes the culprits.

New research from Michigan State University and Johns Hopkins University found that more than half of the recent personal health information, or PHI, data breaches were because of internal issues with medical providers – not because of hackers or external parties.

“There’s no perfect way to store information, but more than half of the cases we reviewed were not triggered by external factors – but rather by internal negligence,” said John (Xuefeng) Jiang, lead author and associate professor of accounting and information systems at MSU’s Eli Broad College of Business.

The research, published in JAMA Internal Medicine, follows the joint 2017 study that showed the magnitude of hospital data breaches in the United States. The research revealed nearly 1,800 occurrences of large data breaches in patient information over seven years, with 33 hospitals experiencing more than one substantial breach.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Health Care Providers – Not Hackers – Leak More of Your Data | Log In/Create an Account | Top | 7 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by MichaelDavidCrawford on Wednesday November 21 2018, @05:54AM

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday November 21 2018, @05:54AM (#764605) Homepage Journal

    As well as those of every other client of my mental health clinic:

    Someone stole a laptop out of the parked car of one of that clinic's employees.

    Now I ask you:

    WHY THE FUCK DID THAT LAPTOP HAVE OUR SOCIAL SECURITY NUMBERS ON IT?

    They request our SSNs when we request service at said clinic. If they had some legitimate use for them, one single computer in their entire office would have sufficed. That clinic could have stored our numbers in a database that's physically stored on just one computer, with some _other_ non-significant number serving as our unique keys.

    I've been told they have much more effective information security now. That's why non of their staff can reply to client emails, despite that they feel free to leave voice mails on our phones.

    I've repeatedly pointed out that voice mail is incredibly insecure, and that our families are often the very reason we require mental health treatment, but so far the best explanation I've gotten had been "That's a pay grade above mine, I'm afraid."

    --
    Yes I Have No Bananas. [gofundme.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2