There are innumerable benefits to digitized record-keeping. I can’t say enough about the benefits of correlation and collation of information that could be gained from taking information off of paper and moving it into computers. For health information, the potential benefits are incredible and could markedly advance individual well-being. The portability and accessibility of electronic records alone, not to mention the visualization and mining of trends, association between care and outcomes, and the effectiveness of diagnosis, treatment, and costs, all stand to benefit patients and their health.
But as health records move to digitization, some individuals are exploiting weaknesses in the system to commit fraud. There are risks that exist with paper records that could be mitigated by digitized records, but once healthcare organizations digitize, new risks can arise.
Problems with and without digital records
Without digitization, if fraud victims and perpetrators visit the same facility, conflicting information submitted over time by multiple patients sharing a medical record could result in physical harm during treatment. Once records are digitized and available across the Internet, this could happen regardless of the fraud perpetrator’s location. This underscores the need for digital records systems to include medical decision support functions that would alert caregivers to harmful drug interactions, or raise red flags when patients report changing blood types or other suspicious conflicting details. Still, lack of digitization will not necessarily remove fraud risks.
Organizations will have to consider strong controls and policies to protect these large collections of information and restrict access to authorized users. And if records are to be available to new doctors in distant cities while patients are travelling, these controls will have to consider some sort of capability to ensure that the patient is present or under the care of a medical professional that they have never visited before. Compared to the current problem of having limited or no access to a paper record in the patient’s home city, patients certainly will have better and more thorough care under remotely accessible record keeping, but this is a risk nonetheless.
Organizations will grapple for some time with the necessary changes to policy and procedure from these massive migrations to digital record-keeping. In the meantime, criminals will look for and exploit weaknesses and unresponsiveness on the part of system implementers that comes with this transition. What can we look for in assessing risks to these information systems?
Problems with process
A national health records database initiative in the United Kingdom is causing some concern for patients and privacy advocates. The British Medical Association asserts that political wrangling has led the current administration to push for a speedy digitization of patient health records, though the rush has left some patients little or no opportunity to opt out before records can be made available online. In the dash to get records loaded before political attitudes change, some have argued that patients’ rights are being ignored in the interests of getting information centralized.
Even if the controversial nature of massive, centralized stores of such detailed personal information is dismissed, an undertaking this sensitive should be taken with caution and forethought. If allegations that it has been rushed are true, expect to see miscreants taking advantage of poor planning to infiltrate the system, or exploiting the public backlash to scam individuals. Solid communication about procedures and intentions, such as how individuals can participate legitimately in the effort, can be a deterrent to criminals offering fraudulent “services” to correct patient details, perform opt-out procedures, or carry out whatever other creative frauds they can devise.
Problems with expectations
The risks are not unique to healthcare organizations. In the United States, citizens are currently preparing to be enumerated in the decennial census. To some, it may be surprising that the effort, even in 2010, is largely paper-based. News organizations and the Census Bureau are making an effort to raise awareness about the process details. Criminals, meanwhile, see the opportunity as a time to convince individuals to part with quite a bit of personal information. Any online solicitations should be a red flag for individuals, but expect to see many taken in by fake web sites or e-mail messages (or even social networking messages run wild) about a quicker and easier way to update one’s census information.
It is good to see awareness around the process, but one would have hoped that more substance about what to expect could have made its way into the media campaign. While privacy protection is featured prominently on the Bureau’s webpage, this citizen is less than impressed by the certainty expressed by the equally prominent quote from the Los Angeles Regional Office Director James Christy:
“No one can get access to census data. It is rock solid secure.” — James T. Christy, Los Angeles Regional Office Director, U.S. Census Bureau
I hope Christy is right, though just three years ago three hundred families were exposed by the very employees who do have legitimate access to that data, and more than one third of the laptops lost by the Bureau in the five years preceding the online disclosure contained personal identifying information. The government should warn individuals clearly and set reasonable expectations of them. Expectations within the organization should also be tempered by an understanding that there are many different ways for information to be exposed, from collection workers, postal employees, web developers, and anyone else along the way that comes into contact with individuals looking to participate in the mandatory count.
Problems with coincidence
I’ve covered Automated Clearinghouse Fraud a few different times here on the Security Blog, and US tax time raises another opportunity to consider its risks. Not only are individuals entering tax information into software and web sites that are designed to aid the process and maximize refund amounts, but personal tax details are being delivered to small organizations around the country for professional tax preparers to assist individuals and small businesses with their accounting needs. Security at these small businesses should be a concern for anyone, as they have been shown to be a gold mine for hackers looking to maximize profits from fraudulent ACH transfers.
Coincidentally, the Treasury Inspector General for Tax Administration’s 2009 report suggests that paid preparers should be pushed to file electronically. If hackers can compromise small business networks of accountants’ offices, they could extract a rich supply of ACH details, stored on workstations and intended for use in tax payment withdrawals or refund deposits.
In this case, the public has shown increasing confidence in electronic filing (the TIGTA’s report above shows that nearly 70% of individuals had e-filed their 2008 taxes by May of 2009). At a time when banking and ACH malware are picking up speed, small accounting firms and the clients that they serve could be headed for trouble.
It’s important to keep a broad view of trends and events taking place in business, computing, and security. Attackers are certainly taking stock of these trends and choosing from a variety of prime opportunities. Organizations, likewise, should be preparing their defenses in advance, according to the trends appearing in the wild.