In a lot of ways we have become numb to the number of stories we hear about hackers breaking into this database or that database. However with the increasing push to move all of our data into the cloud, including our medical data, one has to wonder how long before we start hearing horror stories of medical data being held for ransom, or being sold on some hacker network.
There's no getting around it, we're jaded when it comes to news about the latest database being hacked, the latest smartphone being jailbroken within minutes, or some site being DDOS'ed. It's like we've almost gotten to the point where we think of this type of thing being the cost of doing business in a modern tech world where companies en masse don't seem to care one iota about keeping our data safe – when they aren't trying to sell it themselves that is.
Up until now though, our one and most treasured form of data has been considered—our health information; mainly because the health industry as a whole wasn't making the same mindless rush to the cloud that other industries have. That is in the process of changing, and changing fast which is suddenly providing a whole new fertile ground for hackers to dig into.
One would think of course that because it is our health information that is at risk here that those involved would be doing everything they can to make these medical information repositories safe as possible; and not only that but also the very hospitals that we go to when we are ill or hurt. The only problem is, as found out by The Washington Post after a yearlong investigation, they aren't doing anything to make our data or healthcare systems secure.
In fact the report found that the health care industry is one of the most vulnerable industries in the country to the point that the Department of Homeland Security has expressed an increasing fear that our health care industry could be the next big plum target for activist hackers, cyber warriors, criminals, and terrorists.
We have already seen the beginnings of this move to hacking health care and medical equipment but until there is a serious mind shift in the medical industry when it comes to security it is only a matter of time before our medical information and devices become a prime target for hackers instead an idle curiosity. Until then, we will continue to hear a growing number of horror stories like:
- University of Chicago Medical Center posting documents for residents online that included the login information for a shared Dropbox account
- The Peace Corps prepping to use the open-source medical records management systems OpenEMR even though it has scores of known security flaws
- A researcher found a system that can be used to operate an electronic medicine cabinet for hospital prescriptions in Oklahoma.