If you have ever tried to see if a family member or friend is in the hospital, you’ve probably been stonewalled by the Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996. Even if you are only inquiring as to whether or not someone has been admitted to the hospital, you will not receive an answer in an effort to protect patient privacy.
While HIPAA has proven to be effective against those checking up on sick family and friends, it hasn’t been effective in restricting hackers’ access to patient files. Besides potential health concerns, this can also lead to identity theft.
More of a Threat: Ransomware
More and more hospital and health care systems are being attacked by ransomware, which is likely to cause more damage than learning the whereabouts of an ill neighbor. Ransomware can lock all access to a patient’s record and demand payment in order to unlock the computer. As a result, hospitals are forced to perform their tasks on paper, as patient records are at stake. Because situations like this are becoming more prominent, U.S. and Canadian authorities jointly issued a warning about it, calling attention to attacks on hospitals.
How This Problem is Evolving
Many times, critical hospital computers (that are in examination rooms where patients are left alone) are left on and logged into for months and years at a time that do not have up-to-date security.
IT workers are desperately attempting to keep up with security issues, but fall behind due to paranoia over compliance issues.
Thankfully though, the attacks thus far have been limited to administrative systems and patient care this far has been unaffected. This could, however, become a concern for doctors who are unable to share patient information due to the attacks and restrictions.
In the future, it is expected that hackers will be able to target specific patients and launch attacks on pacemakers and other digitally connected devices that control patient health. It may sound like science fiction, but it is becoming a reality with no apparent plans to counteract this concern.