Last week, Chinese hackers stole an astonishing 4.5 million health care records from American patients.
Those records were stolen from patients of Community Health Systems and it’s one of many health industry hacking thefts that have occurred in recent months.
Why do Chinese hackers want your health care records? What are they going to do with those records? More importantly, should you actually care?
Here’s what you need to know.
Medical records contain patient names, addresses, birth dates, telephone numbers, and SSNs
When people hear that their medical records were stolen, they may think, “Who cares? Why would a Chinese hacker want to learn I had appendicitis at age 12?”
Well, the truth is, your medical records contain a lot of important personal data.
That personal data includes:
-Full names
-Addresses
-Birth dates
-Telephone numbers
-Physical characteristics of the patient, including height, weight, and medical history
-Social Security Numbers
This information is worth a lot of money to the right people. Armed with the information above, someone can steal a person’s identity. They can open lines of credit and ruin their lives in many different ways.
A single health care record can be worth $250
So how much money are we talking here?
According to some reports by those in the know, a single health care record is typically worth between $50 and $250.
For comparison, a single credit card number is generally worth just a few dollars due to the ease with which a credit card number can be deactivated.
You can use someone’s medical record to obtain free health care
Some medical records are used to open lines of credit. However, other medical records are used to obtain free health care.
If you know the age, weight, and height of someone, you can sell that medical record to someone with similar characteristics. Then, that person can walk into a clinic and receive free health care or medications.
That’s why many of the people who buy medical records are uninsured.
That lack of centralized health care makes the US a major target for medical hacking
A lot of America’s problems are blamed on its poor public safety net.
Weirdly enough, the recent string of medical hacks is being blamed on America’s lack of centralized health care.
No, this isn’t some bizarre liberal plot to force socialized medicine on the good people of America (at least, I don’t think it is).
Instead, the lack of centralized health care makes private US health providers an easy target. Many providers – even high-priced providers – don’t invest in nearly enough security infrastructure.
So this is what happens: you have thousands of wealthy patients (wealthy because they can afford private health care) whose records are poorly protected by aging security infrastructure.
These records are extraordinarily valuable and even clinics with strong protection standards find themselves under constant threat of hacking attack.
That’s not to say that public health care systems have better security standards. Instead, in countries like the UK with strong public health care systems, each patient is assigned a unique ID which makes it virtually impossible to access someone else’s medical record.
How to protect yourself
The best way to protect yourself is to sign up with a private health care provider that values your privacy.
Of course, that’s easier said than done.
When searching for health care providers, look for companies that:
-Have never leaked patient information (a Google search will reveal any negative news stories)
-Offer enhanced patient security features
-Have instituted stronger patient ID systems or additional security measures which make it difficult for someone to access your information or utilize that information to their advantage
Unfortunately, as long as health care records are so valuable on the online black market, Chinese hackers (and hackers from other countries) are going to continue stealing those records from hardworking Americans.
We highly recommend installing PC security software like PC Cleaner Pro while also constantly monitoring your credit for any unauthorized changes.