UCLA Medical Center Breach Highlights Paperless Patient Record Vulnerabilities
The recent intrusion by hackers into the UCLA Health System computer network is yet another example of how the search for convenience can lead to a loss of privacy and security. As many as 4.5 million people may have had their personal information compromised when hackers attacked the medical center's computer network.
Invasion of Medical Privacy
UCLA first detected suspicious activity in October of 2014. The FBI has been working with the university to learn the source and scope of the intrusion, but security experts were unable to verify that patient data was exposed until May of 2015.
Data affected by this breach includes names, dates of birth, social security numbers and ID numbers from Medicare and health plans. Some information concerning ailments, tests and treatments may also be involved. This may have serious consequences for the medical center under the Health Insurance Portability and Accountability Act, or HIPAA. HIPAA establishes patient data confidentiality requirements.
UCLA Health is offering a year of identity theft monitoring and a year of credit monitoring to anyone whose Medicare ID number or social security number was compromised.
The hospital is continuing to investigate the breach with the help of the FBI and a private forensics company. UC President Janet Napolitano will head a cybersecurity review team to improve security throughout the university's computer systems.
The Major Vulnerability of the Digital Age
UCLA breach demonstrates that while maintaining patient confidentiality is a noble goal, actually personal information privacy is harder than ever in the digital age. The move toward a paperless medical environment where patient data can be shared readily by caregivers in different locations also puts that data at risk of being exposed to criminals.
The same risks exist in other business environments. As users share even more vital data online or via mobile devices, more potential security gaps are created for hackers to exploit. Many people use weak passwords that can be guessed or hacked by criminals. Once an intruder finds a password, all the data in the system can be compromised.
Is There a Secure Life in the Cloud?
Many companies use cloud data storage to keep information accessible on any platform and in any location. The cloud is simply a way of thinking about the servers that move data from place to place; in this case, it moves wirelessly from mobile devices to computers to corporate networks.
The key to this exchange of information is secure transit. Sensitive data is protected by passwords, and systems must verify the identity of anyone who wants to access that data. Unfortunately, those passwords are used by human beings, and people are notoriously bad at generating and remembering strong passwords.
One solution to this problem is NetLok. NetLok provides a secure cloud environment for storing personal or business information. It does this by eliminating the need for people to remember passwords only a computer could love.
NetLok uses photos as passwords. A photo is actually a large data file that a computer system sees as a series of ones and zeroes. This creates a longer and more complex password than a human could remember.
A photo by itself, however complex, won't create a secure password. The photo must also be protected against hackers. NetLok does this by encrypting the photo. This creates a large, scrambled file which is almost impossible to hack. NetLok's system monitoring detects any attacks to keep data safe.
As society comes to rely more and more on cloud communications, personal information privacy will become more difficult. The only solution to this dilemma is be aware of the risks and take every precaution possible to keep sensitive data secure.