The integration of technologies attracts attention to segments that until recently would have gone unnoticed. This is the case of the digitization of health records in electronic systems, shared by the network.
Amplified by the collection of personal data promised by the new watches and sensors, they are expected to speed up and increase the accuracy of diagnostics, essential factors in an area where deadlines are often urgent and there is little room for error.
However, this digitalization can also mean a security nightmare for the medical segment. Their databases are rarely properly protected, which creates opportunities for groups specializing in electronic crime.
What's so interesting about a medical record? To begin, generic data. Names, addresses, plans, policies and billing information can be used to create false identities and perform other types of fraud.
Medical records can also be used to forge prescriptions, appointments, hospitalizations, refunds, fraudulent lawsuits and even buy equipment or medicines to resell on the black market. Unlike bank fraud, theft of medical identity is not immediately identified by the patient or the service provider, which gives criminals plenty of time to profit from them.
To make matters worse, the invasion is easy. Many of these networks use, in their administrative systems, old machines, some more than ten years old and very few updates, besides a huge neglect with encryption and backups.
Among service providers, it is common to underestimate the scale of the problem. It is understandable, although it should not be acceptable. In an environment of little technological knowledge, big investments and tight budgets, the decision between investing in a new tomography or hemodialysis device will always seem much more urgent and will present more immediate and palpable results than the investment in structuring or modernizing the administrative firewall. .
With daring worthy of Hollywood, organized crime groups carry out daily attacks on major hospitals and health care providers in the United States, Europe and Japan. Hackers also insert malicious code thumb drives into computers, steal backup tapes, laptops and hard drives and clone databases.
In a recent case, some hospitals in California outsourced the service of transcribing their files to companies in India and Pakistan, and were then blackmailed by their own suppliers.
While leaking celebrity photos is taking over the world and raising questions about the quality or reliability of cloud services, it is undoubtedly the best way out. Medical offices and hospitals can adequately protect their patient data through anonymous and private storage services, similar to the process used in financial services.
Theft is just one problem. Another major concern is piracy and counterfeiting of equipment. According to the World Health Organization, it reaches 8% of medical devices worldwide. For now they are still restricted to simple products, such as condoms, contact lenses and surgical instruments. But soon piracy will come to electronics. It is not at all comfortable to think of a software problem causing a failure of a survival system, right in the middle of surgery.
You need to be aware of this type of fraud. At best, the injured patient will have to deal with the bureaucracy of health plans to prove that he is innocent, and even so, he may have, in his records, information that compromises future jobs or financing.
Ultimately, we will all pay, when we receive the transfer of the security account in the increase in health insurance prices and in the precariousness of public services.
Luli Radfahrer
Source: Folha de S.Paulo