Cyber Criminality in Healthcare: The High Value and Easy Access of Medical Information

Candice Claassen

Candice Claassen

Posted on March 12, 2015

cyber criminalHow much data do you need to identify a person? According to a new MIT study, bare metadata can paint a surprisingly personal portrait of each of us. When researchers analyzed the anonymous credit card transactions of 1.1 million people, they found that it was possible to identify the unique purchasing patterns of more than 90 percent of subjects with only four pieces of data, such as timing or location. This is information that many individuals willingly expose through social media.
After identifying a purchasing pattern, analysts were able to find the name of individual consumers by studying data from Linkedin, Facebook and Twitter profiles, as well as apps such as Foursquare that people use to publicly “check in” to a location at an also publicly-disclosed time. With nothing but a simple data set, analysts were also able to isolate other personal identifiers such as gender and income bracket.
[related_content]The increasing use of mobile health apps, specifically those that can transmit data to a provider’s web portal, puts patients’ protected health information at risk of being accessed by cyber criminals. HIPAA protects some types of data, but the MIT study shows that information such as when patients log in to a patient portal and from where, along with identifying information that’s transmitted from a health app, may be enough for cyber criminals to commit identity fraud.
According to Reuters, medical information is worth 10 times more than credit card numbers on the black market, and cyber criminals are progressively turning their attention to the $3 trillion U.S. healthcare industry. While credit cards can be canceled as soon as banks detect fraud, medical identity theft takes much longer to detect and deal with.
Healthcare organizations should be aware of this as they implement new technologies. In addition to performing regular HIPAA compliance audits, hospitals and medical practices should ensure that data security features that protect even the most minute details of patient data are built into all digital health tools.


Related Posts

Illustration of four people in a healthcare organization discuss ideas and the roadmap for their softare development project.

Posted on December 03, 2021 by Paul Galbraith

When embarking on a software development project, there are often many unknowns: How should legacy software integrate with new solutions? What compliance issues need to be solved? How can technologies…Read more


Illustration. Middle: computer screen. Right: girl holding a key. Left, boy holding a cell phone.

Posted on November 09, 2021 by Pablo Bullian

PHI Leaked Due to Fresno’s Health Network Hack A group of health clinics in the Fresno area that belongs to United Health Centers were hit by a ransomware attack. Not…Read more


Newsletter
Subscribe to Our Newsletter

Get promotions and current business tips. Sign up for our newsletter today.