A recent report that Web 2.0 (Facebook, Twiter, MySapce, et al) continues to encourage friends to share private information at an alarming rate is hardly a surprise. Research at a number of universities demonstrates that things are probably worse than most people image. For instance, the 2009 paper entitled “Predicting Social Security numbers from public data” from Carnegie Mellon explained how easy it is to predict patterns of data that leads to accurate predictions of Social Security numbers (SSNs) and birth dates from public data. Cyber thieves are taking advantage of the personal information on the Internet as we are well aware.
Electronic Health Records (EHRs)
To make matters more interesting the expansion of EHRs over the next four years will expose more personal medical information on the Internet. The US deadline of 2015 implementing all EHRs may sound great to some, but we should be concerned about how well that personal information is protected. Actually the EHRs may make the personal information a bigger target to cyber thieves. Recent warning about cyber threats from the FBI and DHS should make us all uneasy.
SSNs Used for Personal Identification
As many of us remember for many years health insurance companies used SSNs for their insureds’ account numbers and a number of states used SSNs for drivers’ license numbers. So there are millions of historic records on US citizens that include SSNs. As a matter of fact, millions of Internet court records include divorce decrees, motions, and affidavits with SSNs, drivers’ license numbers, credit card numbers, and bank account numbers. Many states now limit posting of this personal information on the Internet, but records from the past abound with personal information. Given our open government view of open records laws which sprang forth after Watergate in 1972 most people think government and court records should be open, but a hidden danger lurks in protecting personal information within those court records.
Let’s Talk Compliance | Provider Relief Fund: Reporting Requirements and Compliance Concerns