Cyber Criminality in Healthcare: The High Value and Easy Access of Medical Information

Candice Claassen

Candice Claassen

Posted on March 12, 2015

cyber criminal
How much data do you need to identify a person? According to a new MIT study, bare metadata can paint a surprisingly personal portrait of each of us. When researchers analyzed the anonymous credit card transactions of 1.1 million people, they found that it was possible to identify the unique purchasing patterns of more than 90 percent of subjects with only four pieces of data, such as timing or location. This is information that many individuals willingly expose through social media.
After identifying a purchasing pattern, analysts were able to find the name of individual consumers by studying data from Linkedin, Facebook and Twitter profiles, as well as apps such as Foursquare that people use to publicly “check in” to a location at an also publicly-disclosed time. With nothing but a simple data set, analysts were also able to isolate other personal identifiers such as gender and income bracket.
[related_content]The increasing use of mobile health apps, specifically those that can transmit data to a provider’s web portal, puts patients’ protected health information at risk of being accessed by cyber criminals. HIPAA protects some types of data, but the MIT study shows that information such as when patients log in to a patient portal and from where, along with identifying information that’s transmitted from a health app, may be enough for cyber criminals to commit identity fraud.
According to Reuters, medical information is worth 10 times more than credit card numbers on the black market, and cyber criminals are progressively turning their attention to the $3 trillion U.S. healthcare industry. While credit cards can be canceled as soon as banks detect fraud, medical identity theft takes much longer to detect and deal with.
Healthcare organizations should be aware of this as they implement new technologies. In addition to performing regular HIPAA compliance audits, hospitals and medical practices should ensure that data security features that protect even the most minute details of patient data are built into all digital health tools.

Related Posts

Illustration of a doctor sitting at a computer reading messages on a HIPAA compliant messaging portal.

Posted on April 12, 2023 by Pablo Bullian

Data security is a major challenge in healthcare. With data breaches on the rise, it seems that criminals are increasingly viewing digital healthcare data as low-hanging fruit. According to the…Read more

Graphic of a large laptop with a shield and padlock in front of it. Smaller images of people on the left and right side of the labtop interact with various mobile devices.

Posted on February 16, 2022 by Pablo Bullian

Welcome back to the Medical Web Experts Security Bulletin. Below are some recent developments that may impact your organization, as well as our recommendations for keeping your systems secure. Mitigating…Read more

Subscribe to Our Newsletter

Get promotions and current business tips. Sign up for our newsletter today.