With the wave of data breach announcements made by companies like Sony and Target, it may not come as a surprise for readers to learn that privacy concerns may also affect the health care industry.
Specifically, some commentators are concerned that electronic health records may also be subject to privacy breaches. Although many hospital facilities and health care providers have made the switch to EHRs, that transition may not have been accompanied by adequate security safeguards.
Why might hackers be interested in EHRs? According to one industry commentator, health data might contain even more confidential information than a credit card transaction. For example, Social Security numbers, financial details, insurance coverage, prescription drug and other health insurance information might all be contained in a patient’s EHR.
Unfortunately, the cyber attacks have already begun. As of September 2014, the EHRs of over 7 million patients might have been compromised by health care data breaches. In one example, a hacker used information from an EHR to file a false income tax return and collect over $175,000 in fraudulent tax refunds.
There are some federal laws offering protection, such as one that requires patients be given notice of any potential health care data breaches. Yet an attorney that focuses on medical malpractice law might question whether more proactive security measures are needed. Although this type of injury might be financial rather than bodily, the negligence of hospital officials may be equally as great in this new area of concern.
Source: Anesthesiology News, “Be Prepared for EHR Breaches, Experts Warn,” Dec. 29, 2014