Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Medicine Security

1 in 3 Patients Will Have Their Healthcare Records Compromised (computerworld.com) 68

Lucas123 writes: A legacy of lackluster electronic security in healthcare and an increase in the amount of online patient data will lead to an increase in the number of consumers who will have their healthcare records compromised by cyberattacks in 2016, according to a new report from IDC Health Insights. The report, which includes 10 future predictions about the healthcare industry, also predicted that by 2018, cognitive computing would play an increasingly important role in helping physicians to identify the most effective treatment for 50% of patients resulting in a 10% reduction in mortality and a 10% cut in costs. Also by 2018, 30% of worldwide healthcare systems will employ real-time cognitive analysis to provide personalized care leveraging patient's clinical data, directly supported by clinical outcomes and "real world evidence" data — information pulled from patient studies and treatment results. That same year, IDC expects virtual healthcare and computer-assisted surgery to be the norm. Surgeons will use computer-assisted or robotic surgery techniques to assist in planning, simulating, and performing 50% of the most complex surgeries. Conversely, patients will be communicating with physicians via messaging, email and video chat sessions far more often, which will reduce costs and increase convenience.
This discussion has been archived. No new comments can be posted.

1 in 3 Patients Will Have Their Healthcare Records Compromised

Comments Filter:
  • by Anonymous Coward

    2 out of 3 won't!

    • Probably only because electronic medical record interoperability is such a clusterfuck that the attackers won't be able to make sense of the data they've dumped, rather than because it will remain secure.
      • I've seen one system where the data is printed (or received by FAX), scanned into the patient record (as page images, i.e., TIFFs), and then a database of descriptors about the scans is what the medical personal can access... they then click a link (is this sounding like an intranet setup?) to pull up the scanned image in a new window... It's a bit scary... But on the other hand stealing a bunch of image files and then having to OCR and sort them does make for a less desirable target.
    • They'll get to them in the next 2 years.,

  • by EmeraldBot ( 3513925 ) on Thursday December 10, 2015 @04:07AM (#51093675)

    We were fortold to grow vital organs in the 90's. We would have a cure for death itself and become immortal by 2000. We were forcasted to all work in robotic lifting suites and fly in jetpacks and have self-flying cars decades ago.

    There's no doubt the cybersecurity breaches will become more and more common. To say you have an exact figure though is ridiculous. Maybe more, maybe less, but there's no way we can possibly predict what'll happen 20, 30 years down the road. people far overestimate the changes in 20 years and far underestimate the changes in 2.

    And lastly, I'd like to finish with this little bit...

    Elderly patients and patients convalescing with mobility issues, in particular, will find an advantage in using virtual doctor visits so that they won't be forced to commute to and from healthcare facilities.

    We were supposed to have this universally in the 70's, I don't know why people still beat this dead horse. Many places already have it, and it's not some lofty goal that's difficult to implement. It's a guy in a laboratory coat on Skype (or more realistically, some proprietary health application, but you get the idea).

    • by KGIII ( 973947 )

      I owned a medium sized business and that required that I do lots of things. One of those things was reading things like white-papers, market predictions, analytics, etc... I never thought to crunch the numbers but I did reach a few conclusions. I'll share to of them...

      They're lying.
      They're trying to sell you something.

      Again, I didn't crunch the numbers but I suspect a good 90% of them were inaccurate in some meaningful way. There were some good ones about clustering and virtual machines and a few prediction

    • by weszz ( 710261 )

      We gave video doctors a shot... flopped.

      Patients don't want to use it... they don't trust it, You don't think about using video chat for anything important as diagnostics are hard because you have a terrible camera that can't get things like feeling for lumps or something that isn't right through a video chat.

      Doctors aren't thrilled for the same reasons. There is just too much that can be missed through a webcam (assuming the equipment actually works when you go to use it)

      In person will be the best way to s

  • by Anonymous Coward

    Maybe fines and regulations will ensure patients aren't victimized by sloppy security anymore then.

  • by dbIII ( 701233 ) on Thursday December 10, 2015 @04:10AM (#51093681)
    Outsourcing important stuff with sensitive information obviously leads to fuckups, but some people cannot see the obvious until it knees them in the balls and spits in their eye. The "bad things only happen to other people" view is prevalent among those managers who spent their education time on "networking" - (as in getting drunk with students with rich parents)
    • by AK Marc ( 707885 )
      Nah, this is just a slashvertisement for a consulting company that provides security to doctors. Note, they don't detail how many security breaches there were last year, nor the total sum of HIPAA fines for poor online security (Still $0 last I looked). But they talk FUD about how many there "will be" unless you subscribe to their snake oil, and when their prediction is way off, they'll imply their efforts had something to do with it. Their numbers are insane. And they have nothing backing up their posi
      • by hesiod ( 111176 )

        how many security breaches there were last year, nor the total sum of HIPAA fines for poor online security (Still $0 last I looked).

        New York Presbyterian was fined $4.8 million last May, and that's just the first one I found: patients' medical information showed up on Google.

        • by AK Marc ( 707885 )
          That's the largest breach, and one of the few where the information ended up on a search engine. There were a few smaller fines I found, generally for careless sharing, with no specific breach found. Though, I could find none before 2014, which is about when I stopped following it, as it no longer mattered to my career or interests.

          I'd already made plenty of money violating HIPAA to give the doctors what they ask for. All the HIPAA consultants are crooked, and over-sold worthless and not legally complia
  • FYI, if it is really a difficult surgery, go to an expert. (e.g. Pancreatic surgery). Even if you have to pay out of pocket. The guy who wants your case so he can write it up is not necessarily as good as the guy who does lots of hard surgeries and doesn't publish as much.

    Also, read the research papers yourself if you are smart enough. Your doctor may know the field but hasn't always read everything you'll find, and that way you'll be working with good enough information that you can make an informed ch

  • "...Conversely, patients will be communicating with physicians via messaging, email and video chat sessions far more often, which will reduce costs and increase convenience."

    So, the doctors office that requires an initial visit, a follow-up visit, a follow-up to the follow-up visit, and every report and test result also requiring a visit, care to tell me how you're suddenly going to convince a corrupt system hell-bent on extracting a co-pay each and every time they do work for you with a forced visitation policy to step away from that easy revenue stream? (Ironically, using even more electronic communications will likely force us to modify the title of this article to 1-in-2.)

    C

    • So, the doctors office that requires an initial visit, a follow-up visit, a follow-up to the follow-up visit, and every report and test result also requiring a visit, care to tell me how you're suddenly going to convince a corrupt system hell-bent on extracting a co-pay each and every time they do work for you with a forced visitation policy to step away from that easy revenue stream?

      Where did you get the idea that they're not going to charge just as much for a video consultation?

      • So, the doctors office that requires an initial visit, a follow-up visit, a follow-up to the follow-up visit, and every report and test result also requiring a visit, care to tell me how you're suddenly going to convince a corrupt system hell-bent on extracting a co-pay each and every time they do work for you with a forced visitation policy to step away from that easy revenue stream?

        Where did you get the idea that they're not going to charge just as much for a video consultation?

        I don't doubt they will, but that will be rather limited. I doubt that medical diagnosis or other critical analysis will go on over phone or video chat without a misdiagnosis happening at some point causing a death and blaming the lack of physical presence for the oversight, establishing the precedent that you must go see your doctor in person to avoid that liability, which brings us right back to square one.

        And in today's litigious society, that scenario isn't far-fetched at all.

  • Ok - a couple of things. First, this cognitive computing will presumably need pretty accurate data. Anyione with any expoerience of health record data will attest that clinicians are not always locquatious and even simpe stuff, possibly important contextual data, is simply ignored.

    Second - it bugs me that scare stories about data security being breached could stop very valuable research that makes use of these data. If we are going to get cognitive computing in the future then analysts need access to these

  • by Voxol ( 32200 ) on Thursday December 10, 2015 @05:35AM (#51093831)

    If you have nothing wrong with you...

        you have nothing to hide!

  • by Anonymous Coward

    to *provide* the care... but a 200% increase to *receive it*... why not. most people have insurance now.. so jack the rates up.. let the insurance companies deal with the blowback from increased premiums instead.

    must have single payer system with uniform set rates for services... based on the scope of the facility and region its located in (e.g. a top tier hospital in nyc should get a few more bucks for services than a community hospital in bismark nd).

    • by hesiod ( 111176 )

      a top tier hospital in nyc should get a few more bucks for services than a community hospital in bismark nd

      Why? The Top-tier hospital has higher volumes and can afford better equipment, not to mention larger donation possibilities. Because of patient volume, they can purchase supplies in larger volumes, leading to cost savings and can deliver the same tests far cheaper than the smaller hospital in Bismark, or even more importantly, rural/critical access hospitals that can't afford the equipment for the high-value or elective procedures.

      You have it backward: the smaller independent locations should be getting

      • by jedidiah ( 1196 )

        The top-tier locations are contributing to the state of the art and able to provide better outcomes. They are BETTER. Just like you would pay for the better car or better PC, it makes sense to pay more for the better doctor.

        Even at the lower end, some facilities are clearly doing better and more deserving of anyone's money.

        Also, the top facilities aren't always in glamour cities.

        If the hospital in Bismark doesn't have it's own lab then you are in a world of hurt if you end up there.

        • by weszz ( 710261 )

          This is also leading to the healthcare consolidation that is going on. Larger providers are buying up smaller ones like crazy to improve the economics.

          It's happening across the country and was predicted due to the reimbursement changes and everything else going on.

  • I am so glad we have a national law requiring everything be digitized despite a lack of interest in doing so by the majority of providers. What a great idea that was.

    • by Anonymous Coward

      You'll notice that HIPAA contains numerous exceptions that allow government entities to collect heathcare data, including those records that are personally identifiable. The move towards EMRs in the ACA was never about helping treat individual patients, but about facilitating this data collection.

      • There of course is no opt-out for having EMR even though it's perfectly reasonable to believe that the medical and insurance industries are completely unprepared to secure patient records from theft. Someone can break into my doctor's office and steal paper records, but they can't steal 5 million at once, they sure can't do it from the other side of the planet and corporate and government Big Data information leaches can't analyze what is not online. I know statistically EMRs will save lives, but the consum

  • Ya know, I liked my insurance...back when it was one quarter of what it is now. Rat bastards.

  • This is IDC we're talking about...

  • Odd coincidence, I got two emails today from https://web.healthdataexchange... [healthdataexchange.com] that both passed GMail's filters and ended up in my inbox but look like classic phishing attempts. The site itself doesn't inspire confidence despite coming up "clean" when looking for info on it on the web. Links removed from examples Attempt One:

    Statement View your messages and documents: Click Here Sent 12/9/2015 11:04 PM

    Attempt Two:

    Thanks for signing up for the Secure Patient Portal! With this tool, you will be able to

The brain is a wonderful organ; it starts working the moment you get up in the morning, and does not stop until you get to work.

Working...