How we carry $10,000 cash versus patient data backup tapes worth much, much more

How we carry $10,000 cash versus patient data backup tapes worth much, much more

I just read another data theft article. The Seattle Times reported Patients’ information stolen in 3 thefts. This time backup tapes (which I warned about in an earlier post) were left in a personal vehicle which was broken into. I can’t tell you how many times I’ve walked around in a hospital or provider parking lot and seen medical record folders sitting in physicans’ cars. That’s bad, but thieves (if they broke in) could only get a few records at a time. Breaking in and grabbing backup tapes, though, nets thousands of records with very little effort. The Providence example (from the Seattle Times story) is neither new nor unique — backup tapes are carried in personal vehicles by IT people thousands of times a week all over the country.

In case you’re not already aware, I thought it might be illustrative to show how businesses send $10,000 in cash versus some hospitals send potentially hundreds of thousands or millions of dollars worth of patients’ medical and financial data backup tapes. Here’s the difference:

Cash versus medical information

Cash is carried in an armored truck.

Medical data and customer financial backup tapes are carried in the same vehicles as flowers and candies!

Is it just me or is something not right here?

I’ve worked for many years in DoD research centers dealing with classified information and it worries me that many businesses and hospitals don’t treat their customer, patient, and financial data just like we used to treat classified information: as extrememly valuable with the appropriate checkin/checkout/hand off procedures. Law enforcement treats evidence using a “chain of custody” model where everything is tracked as information and evidence moves from one person to antother.

Is there any reason why we in healthcare can’t use tried and true methods like intelligence and law enforcement agencies use to protect backup tapes? Only if we don’t care.

At some point our patients will wake up and starting asking us about our policies. I’d suggest we get our act together before then 🙂

Shahid N. Shah

Shahid N. Shah

Shahid Shah is an internationally recognized enterprise software guru that specializes in digital health with an emphasis on e-health, EHR/EMR, big data, iOT, data interoperability, med device connectivity, and bioinformatics.

Mike, who works at Cleveland Clinic, has released the Light HL7 Library for Java. Here’s how he describes it: The Light HL7 Library let’s you simply parse, modify and create HL7-like messages in …

Did you find this useful?

Medigy Innovation Network

Connecting innovation decision makers to authoritative information, institutions, people and insights.

Medigy Logo

The latest News, Insights & Events

Medigy accurately delivers healthcare and technology information, news and insight from around the world.

The best products, services & solutions

Medigy surfaces the world's best crowdsourced health tech offerings with social interactions and peer reviews.

© 2023 Netspective Media LLC. All Rights Reserved.

Built on Jan 17, 2023 at 9:26am