medical-security-privacyLast night our CTO and Co-Founder Chris Wysopal joined Fox Business' The Willis Report to chat about medical record privacy in a segment titled "Digital Records Putting Your Health Information at Risk?"

In the six minute segment Chris talks about "the dark side" of putting medical data online in cloud servers. Among the stats thrown around;

  • 50% of doctors offices put customer data online,
  • 80% of hospitals put customer data online,
  • 21 million people had electronic records stolen in last 3 years,
  • 94% of healthcare companies report data breaches.

Staggering numbers no doubt, you might be asking exactly how dangerous is this information? Health insurance fraud, financial identity theft, credit risk and even personal endangerment. If a someone undergoes a medical procedure under your identity, your medical records become flawed. health-care-companies-hackedIn a scenario where you're undergoing emergency procedures your records could say you've had your appendix out when in fact you haven't.

Beyond personal data privacy concerns are medical device security concerns, a topic we've previously touched upon. Wysopal on the subject says, "The medical device problem is particularly scary because you have these devices which were standalone and now you're adding wireless functionality to you can monitor these devices and connect to them. A lot of them weren't designed with security in mind." All of a sudden these devices that were designed to only be accessed physically in person are now being exposed to attackers online, Wysopal also adds to the commentary, "It's also hard to fix these medical devices and update them because there's such a long certification process..they aren't like typical IT systems that you can patch in a few hours."

So what can you do to protect yourself?

  1. Ask your health insurance company for a copy of your medical record and activities.
  2. Pull your credit report at least once a year and verify all accounts and activity.

If you don't recognize something on one of these two reports, raise a red flag immediately starting with your healthcare provider. Check out the full video here for more great information.


About Neil DuPaul

Neil manages the blog pipeline at Veracode, often by fending off eager contributors with a stick. He manages much of the Veracode web presence while also motivating the more introspective Veracoders to be social. Lover of sports and outdoors, and a SERP enthusiast, hit him up on Twitter here.

Comments (0)

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.