" healthcare Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘healthcare’

Cyber Espionage Infiltrates American Small Business

Tuesday, January 30th, 2018

The last thing an architect could imagine is that his company’s proposal for a new commercial building site along a stunning San Francisco Bay view would lose to a competitor with a similar design and infrastructure, a lower bid, and a leaner delivery schedule. It happened. And cyber-espionage was the culprit.

New technology spans the globe as small businesses find themselves victims to espionage as someone steals their sales pipelines, customer lists, corporate secrets, and corridors to their Fortune 1000 clients without their knowledge. It was Robert Mueller, former head of the FBI, who stated in 2012 that “there are only two types of companies: those that have been hacked and those that will be.” A well-known attorney updated that comment recently when he warned his colleagues that “You are a company that has been hacked or a company that doesn’t know you were hacked.” This is a reality check for all business owners.

Read the rest of this post »

Understanding Blockchains – Part 4: Exploiting blockchain-based solutions

Wednesday, December 6th, 2017

We conclude our four-part series (see the earlier posts here, here, and here) with a survey of how blockchains are (or could be) used in different industries, but especially in the medical and healthcare sectors.

In the previous posts, we provided a step-by-step introduction to blockchains – showing how a fully distributed ledger can be maintained in a consistent state by a large group of unaffiliated peers, mutually distrustful and potentially malicious, and who may not always be responsive. Distributed ledger (or database) technology is not new, but the blockchain as used by Bitcoin offered the first practical solution to solve most of the problems that thwarted researchers in the past.  It solved the problem of scale (the number of nodes that have to maintain the ledger), the problem of trust (between pseudonymous peers), the problem of mutability (preventing retrospective changes to the ledger), the problem of centralization (where an attack on a central database can lead to massive data loss or denial of service), and several others. Bitcoin’s successor, Ethereum, as described in our previous post, added a whole new twist to the simple ledger as a repository of immutable records. Records can now contain code which can run business rules incorruptibly and effect changes in the system.

Blockchain is not just for cryptocurrency

That the success of Bitcoin and Ethereum as a showcase of blockchain technology should have captured the attention of other industries is no surprise. After all, some of the operational issues that such diverse industries as banking, transportation, education and pharmaceuticals face appear to be partly mitigated by a blockchain-based solution. For instance, many of these industries suffer from poor or inaccurate record keeping, which adds to costs, inconvenience and fraud. A blockchain-based solution appears, at least superficially, to address some of these inefficiencies. For example, education records can be maintained permanently on a blockchain (rather than in easily lost or alterable paper records); a drug shipment can be tagged on the blockchain during each stage of its manufacture through transportation between various intermediaries to the ultimate retailer, preventing counterfeiting.

Read the rest of this post »

Opt-out email security: A step towards better HIPAA Privacy Rule compliance

Tuesday, August 22nd, 2017

Breaches of electronic Personal Health Information (ePHI) from email communications amongst HIPAA covered entities, their business associates, and health care consumers reveals a common pattern. Patient records are often emailed unencrypted (see here, here and here), or sent to unintended recipients (examples here and here).  Poor email practices might also cause bulk emails (e.g., health newsletters, office closing notices etc.) to be sent without masking the names/emails of the recipients (see here). All of these can be breaches of HIPAA.

Email Breach

Email breaches continuously leak ePHI from healthcare

While not as prominently exposed by the media as hacking incidents, where large numbers of records can be compromised in a single attack, HIPAA violations owing to poor email practices proceed at steady rate. However, the consequences can be as just as problematic for the healthcare provider, despite the smaller number of exposed individuals. The insidious drip-drip-drip leakage of ePHI via improper email usage is often harder to handle and the sort of ePHI exposed can be subtle.

Read the rest of this post »

Why Are Hackers Targeting Your Medical Records?

Thursday, March 2nd, 2017

Medical record theft is booming. Over the past few years, large scale breaches have become more common and increasingly severe. Last year in June, a hacker named thedarkoverlord was selling 650,000 US healthcare records as part of a long-running crime spree. The collection was listed on a deep web marketplace called the Real Deal for over $700,000 worth of Bitcoin.

A cancer treatment provider called 21st Century Oncology had 2.2 million patients records compromised in late 2015. The stolen data included patient names, the names of their doctors, social security numbers, insurance information, diagnoses and treatments. The company was required to notify all of the affected patients and they have also offered free credit protection for one year as partial compensation. 

This is just the tip of the iceberg. According to Bitglass, 113 million Americans were affected by healthcare data breaches in 2015. This is almost 10 times more than the previous year. The IDC’s Health Insights group predicted that one in three patients would be the victim of a breach in 2016. This trend is likely to continue or even intensify over the coming years.

Read the rest of this post »

LUXSCI