You Have to Worry About Your Medical Records
In 1971, a defense analyst named Daniel Ellsberg leaked a top secret document critical of the Vietnam War to the New York Times. This prompted men on Nixon’s payroll to break in and search Ellsberg’s file in his psychiatrist’s office in order to find anything embarrassing or discrediting. This break in was actually a more egregious incident than the Watergate burglary. Not much is more sensitive and sacred than the conversations between psychiatrist and patient. Certainly not the secrets of the Democratic Party in their Watergate sixth floor office suite.
Now we’re in the age of electronic records. From a remote location, a computer hacker could access thousands of medical files. Medical information is more valuable to hackers than credit card information. And there are now more medical than financial security breaches. Hospital records contain financial AND health records. And given the choice between a security upgrade and a new piece of high tech diagnostic equipment, you know which they’ll purchase. In fact, in 2019 my local hospital experienced a major hack of records pertaining to 72,000 patients and former patients.
I obtained my records in person with an identification card and a cursory examination of it by the records clerk. A fake ID can open up a world of information about any former patient. In my state, these records must be kept for at least ten years.
Cybercriminals can assume identity for financial transactions, fraudulently bill customers, access prescriptions, and commit insurance fraud. Then there’s blackmail. It would be easier to just blackmail a hospital with a batch of records than an individual. But it’s easy to see why this would be yet another reason for the people with mental illness to avoid treatment.
Consider a financially strapped health care worker. In many hospitals or health care networks, virtually any employee — doctor, PA, nurse, tech, administrator — has access to the records and could sell them for as much as $100 apiece.