It was announced recently that nearly 5,000,000 patient records of military personnel were stolen. There was no elaborate hacking, and no technical skill was required on the part of the thieves — some tapes containing these records were stolen from a car belonging to an employee of SAIC who was prosaically transporting them between federal facilities in San Antonio, Texas. The data included not only sensitive medical information, including prescription records, but also the names, addresses and Social Security numbers of victims.
Since September 2009, around the world, about 15 million patient records have been purloined, “mislaid,” or otherwise compromised. Most famously, Stanford University Hospital recently announced that the medical records of approximately 20,000 emergency room patients had been posted on a public website for nearly a year. Within a few weeks of that announcement, a class action was filed under the California Confidentiality of Medical Information Act which, like many other state and federal statutes here and abroad, requires safeguards to ensure the privacy of such information. In answering the suit, Stanford illustrated just how many people have access to that sensitive data in the ordinary course of business. Stanford alleged the information had been securely transmitted to a data collection service; that the collection service had transmitted the data to a graphics company in order to prepare a visual presentation based on the data; and that an employee of the graphics company had mistakenly posted the information on a website — a breach which managed to go undetected for at least a year.
However, even if your data does not get posted on a public website, lots of people can see just how much Xanax you’ve been taking.
In the United States there is currently a major push to digitize all patient records. Similar efforts were undertaken some years ago in the UK and in Australia. About $45 billion of stimulus money was allocated to the effort, accompanied by a persuasive case delineating its benefits: the instant availability of information to doctors, which might well save lives; the elimination of many forests’ worth of paper records; the ultimate promise of very substantial cost savings; an unprecedented clarity of the information itself (in other words, who could read a doctor’s handwriting anyway?); and best of all, given the state of the economy, the creation of over 200,000 jobs.
In an ideal world, one could hardly argue with the benefits of digitization. The problem is that the world is a somewhat less than ideal place.
What is happening in the United States and elsewhere is that the good news of easy access to information is running way ahead of the bad news relating to the loss of privacy about that information. Time and again it is demonstrated that corporate and government attitudes about sensitive personal information relating to individuals are, shall we say, a tad nonchalant. Details about the SAIC breach are scarce, but it sure sounds like somebody just left the tapes in an empty car all day in a public parking lot somewhere. SAIC’s spokesman made an astute observation in the San Antonio Express-News that if the tapes hadn’t been left in the car to begin with, they couldn’t have been stolen.
The problem is that the people who have legitimate access to your data don’t really care about it enough to adequately protect it, despite all the legislation, lawsuits, and news stories that should make them more careful. This is bad enough when it comes to personal identifying information, the theft of which can wreak havoc on your financial well-being. But medical records are even more sensitive, even more personal than your bank account numbers, and can put at risk your entire life, not just your financial life.
Think for a moment about what happened in San Antonio. The medical information of literally millions of people who have sacrificed a great deal to protect this nation was potentially exposed because a contractor decided that it was no big deal to transport such precious cargo in a private car under the watchful eye of an employee — as opposed to an armored vehicle with armed guards, or a secured encrypted data feed.
Of course, the breach was accompanied by the usual assurances — the data isn’t so easy to access, the thief likely didn’t know what he was stealing, etc. However, the fact remains that that information can be used by a number of categories of unscrupulous actors, against the people that we as a society are probably most interested in protecting. Unfeeling employers, disgruntled spouses, thieves of every description, and even those with bad intentions toward the country, as opposed to any individual, could create serious mayhem if they got their hands on it and figured out how to access it. And, make no mistake, with stakes that high there are a significant number of people who would make it worth someone’s while to find a way.
Identity management company Sailpoint recently commissioned a survey that produced some really scary findings. In all three countries currently undertaking a push to digitize medical records, no less than 80% of consumer respondents said they were at least concerned about the process. That rather predictable fact is not nearly as important as something else the survey uncovered: in the U.S., 20% of respondents admitted that they would steal data from their employer; in Australia that number was closer to 33%, and in the UK it was 50%! Perhaps you’ll find this more comforting: in the U.S. and Australia between 4% and 5% of respondents also admitted that they would sell that data for profit if they could! And in the UK, a whopping 24% of respondents admitted (perhaps eagerly admitted) that they would be happy to make money by ruining people’s lives! Ah, the Brits…
We really need to wake up fast. It would be difficult to argue against the potential benefits that accompany the digitization of medical records, but it is impossible to argue against the simple fact that once information is digitized, the assumption must be made that a great deal of data on a great many people will be easily accessible and transportable by someone who shouldn’t have it, and to someone who is willing to use it perniciously. As has been said many times before, your personal identifying information is already “out there,” and thus what you can do to protect yourself may already be a silly question. But for the most part, your medical information – perhaps the most sensitive information that there is – is still strewn on paper in hundreds of filing cabinets, and quite possibly recorded in illegible handwriting. The chaos of all that paper protects it. But once it’s digitized, it’s accessible to many more people, it’s centralized all in one place, and it’s probably better organized, easy to understand, and therefore easier to misuse.
Before we as a society spend more money to digitize medical information, I think it would be better to spend some stimulus money on finding ways to protect it BEFORE it’s exposed. Else, the digitization operation might be a success, but patients’ private lives will forever be endangered and exposed. Our personal medical information may be the final frontier of our personal privacy. Let us reflect upon that as we begin Protect Your Identity Week this coming Sunday.
Originally posted at the Huffington Post.