This Week Health

Don't forget to subscribe!

Would you store your personal bank login, Your email login or your kids social security numbers on your health systems network? 

Why or Why Not? 

Here's a scary story. Hackers published detailed information from peoples medical records out on a blog on the dark web for anyone to download.

FTA

-----

Hackers have published extensive patient information from two U.S. hospital chains in an apparent attempt to extort them for money.

The files, which number in at least the tens of thousands and were posted to a blog on the dark web that the hackers use to name and extort their victims, includes patients’ personal identifying information, like their names, addresses and birthdays, as well as their medical diagnoses. They come from the Leon Medical Centers, which serves eight locations in Miami, and Nocona General Hospital, which has three locations in Texas.

-----

If people wonder why I'm NOT for a National Patient ID, this is part of the reason. The other is interoperability. If you want to discuss, ask me in the comments. 

Transcript

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

 Today in Health it, this story is Hackers post detailed patient medical records from two hospitals to the dark web. My name is Bill Russell. I'm a former CIO for a 16 hospital system and creator of this week in Health IT a channel dedicated to keeping health IT staff current. And engaged. No sponsor today.

Just an apology. I record these shows between 5:30 AM and 6:30 AM on the morning that they, these shows go live on Friday. I uploaded a raw version of the recording of the show to the podcast channel. Not many of you heard it because I noticed the mistake in changed the audio recording within 30 minutes.

But if you use an application like I do, like Overcast on your phone. You may have downloaded a raw version of the recording and I use some profanity when I make a mistake on that show. I'm sorry if you got that version of the show. I'm sorry for my profanity and I will do better and I will start doing better today.

Let's get to today's story just from NBC News. The title is Hackers Post Detailed Patient Medical Records from Two Hospitals to The Dark Web. Alright, here's some excerpts from the stories. Hackers have published extensive patient information from two US hospital chains in an apparent attempt to extort them for money.

The files, which number, and at least the tens of thousands were posted on a blog on the dark web. It goes on to say that the files come from, uh, two hospitals, Leon Medical Centers, which serves eight locations and Noona General Hospital, which has three locations in Texas. Uh, the information that was published was things like patient's personal identifying information, their names, addresses, birthdays, as well as their medical diagnosis.

The file also includes at least tens of thousands of scanned diagnostics. Results and letters to insurers. One folder contains background checks on hospital employees. An Excel document titled 2018. Colonoscopies has 102 full names, dates, and details of the procedures and a field to mark, yes or no to whether the patient has a normal colon.

The hacker group that posted the files is well known to cybersecurity researchers. They typically first encrypt their victim's files and demand payment, and it's rare for them to publicly release such files first, but at least with n Kona, that appears to be what happened. The motive for the release of the files is unclear.

The leak highlights how hackers have in recent years steadily targeted American hospitals. And we know that that's the case. We've been actually been talking about that a little bit In January, Leon Medical Centers announced that it had been hacked in November, and that it had had soon determined that certain files stored within the Leon Medical Center environment that contained personal information had been accessed by the cyber criminals.

That includes name, contact, information, social security number, financial information, date of birth, family information, medical record number, medical number, pre prescription information, medical and or clinical information including diagnosis and treatment history and health insurance information. The announcements said, all right, so that's enough from the story.

You know, here's the so what on this Security is hard and it is changing rapidly. I get it. I empathize with you as healthcare leaders, but if you cannot hire the best talent, here's my advice for you. If you can't hire the best talent, you should outsource this work asap. The reason I say this is because the nefarious actors aren't playing around and they aren't hiring people who are learning on the job.

They're hiring experts who know how to exploit the vulnerabilities of your network, your system, and your staff. This is not a case where you know you should get points for effort. When a mistake is made, people's lives are affected in a significant way. These files on the dark web could be your files, your family's files, or your friend's file shortly.

It will expose them to identity theft at best and at worst, reveals some extremely private information to the world. You have to get this right. Do not pass, go. Do not collect $200. Get going on this today. Do it right and by right, I mean in a way that you would put access to your bank login details, your personal bank login details, your email login and your kids' social security numbers behind whatever you set up, because that is what you are protecting for the families in your community.

All right. That's all for today. If you know of someone that might benefit from our channel, please forward them a note. They can subscribe on our website this week, health.com, or wherever you listen to podcasts. Apple, Google Overcast, Spotify, Stitcher, you get the picture. We wanna thank our channel sponsors who are investing in our mission to develop the next generation of health IT leaders.

VMware Hillrom, Starbridge Advisors, McAfee and Aruba Networks. Thanks for listening. That's all for now.

Thank You to Our Show Sponsors

Our Shows

Today In Health IT with Bill Russell

Related Content

1 2 3 282
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved