It’s late sunday afternoon, I was reading news feeds. One feed struck me as worthy of sharing on this blog this instance. I hope you like the Photoshop graphics I swiftly assembled to prepare along for this post.
A Bloomberg report, citing a privacy blog Dissent Doe reported that hackers were able to access electronic medical records and emails belonging to the Surgeons of Lake County, a medical practice in Libertyville, Illinois, USA.
The hackers holding the data for ransom, demanded the practice to pay ransom money for a password to access the encrypted.The blog reported the practice declined to pay, it shut down the server and notified authorities but was clueless whether the practice was eventually able to access its Electronic Health Records (EHRs), or if it did, how did they do it.
This disturbing new trend emerging serves as a warning that unpredictable things can happen to data once it’s digitized when hackers (criminals) try to exploit the healthcare industry’s shift to digital healthcare information.
Also from this article, it quoted Bloomberg which reported two cases involving pharmaceutical prescription systems in 2009 and 2008, and also several cases prior to 2008 related to outsourcing practices.
In 2009, the Virginia Prescription Monitoring Program was hacked and hackers demanded $10 million from the state of Virginia (USA) after he or she claimed to have stolen and encrypted personal and prescription drugs for 8.3 million patients. Another hacker in 2008 demonstrated he or she had personal information on a few dozen members of the prescription-drug benefits manager Express Scripts and demanded ransom money, but never got the ransom demanded from this company. Four years earlier to 2008, several California hospitals were blackmailed after outsourcing their medical transcriptions overseas.
The Obama Administration is aggressively expanding the use of EHRs that it strongly believes is fundamental to reforming the U.S health care system. Billions of dollars worth of grants have been announced to help hospitals and health care providers implement and use EHRs. Many hospitals around the world have also moved the EHR way.
Criminal activities I am now quoting from this article, may seem one small event or events in an isolated area far away in the U.S and may not seem especially noteworthy, but it may offer the first tangible warning of a larger problem developing as the shift to digital medical records begins in U.S in a big way and even here on Malaysian shores as our hospitals begin to move the EHR way. I think hackers holding healthcare data for ransom may be described as a canary in a coal mine for the future of EHRs.
Abridged by R. Vijayan from the orginal article “Hackers Hold Health Data Hostage” by John Pulley for Nextgov, August 11, 2012
