With the ever increasing upsurge in personal data theft it should comes as little surprise that healthcare providers have landed in the cross hairs. We have seen incidents all over, including here in Toronto last year. Identity theft is a lucrative and thriving business. More resources need to be either allocated or better utilized to help combat this problem. After having conducted security audits on healthcare providers in the past it really is no surprise that they are getting picked on by the bad guys.
From PC World:
“There is definitely an uptick in attacks,” says Dr. John Halamka, CIO at both Beth Israel Deaconess Medical Center and Harvard Medical School in the Boston area. “Privacy is the foundation of everything we do. We don’t want to be the TJX of healthcare.” TJX is the Framingham, Mass-based retailer which last year disclosed a massive data breach involving customer records.
Dr. Halamka, who this week announced a project in electronic health records as an online service to the 300 doctors in the Beth Israel Deaconess Physicians Organization, acknowledges computers in healthcare are sometimes compromised as spam relays or to host unauthorized content such as porn.
“It gives attackers a means to distribute it,” says Halamka. While he has seen no evidence of attackers targeting healthcare networks to steal patient data for financial gain, other security experts say that dangerous trend is well underway.
Dangerous trend? Well, yeah. Porn is really the least of their problems. It really shouldn’t come as a surprise to people that this targeting is going on. Where is a bank robber going to go for income? Well, a bank. And the identity thief will go where the information is. Namely, yours.
Now, with the impending HIPAA audits approaching at any point it would seem that folks are giving this problem sharper focus in the US.
[tags]Healthcare Data Security, HIPAA, Identity Theft[/tags]