Questions still need answering in Australia’s largest health data breach

The Conversation, 31 October 2016
Author: David Glance
“In what is Australia’s biggest data breach of medical information, more than 550,000 customers of the Australian Red Cross Blood Service had personal and medical details exposed online and leaked to an anonymous hacker last week.”
Find article here.

China Investigating Data Leak and Swindling of H.I.V. Patients

NYT, 21 July 2016
Source: Sinosphere
“Hundreds of people with H.I.V. across China were reporting that they were being called by someone who claimed to be from the government and had access to their medical records and other personal information.The director of a support network based in Beijing for people with H.I.V./AIDS, said he began receiving the messages about two weeks ago. While awaiting answers as to how their medical data was hacked or leaked, people with H.I.V. are worried about the possibility of new swindles or blackmail.”
Find article here. has been scrapped, but your health data could still be shared

The Conversation, 12 July 2016
Author: Eerke Boiten
“Following a review by Dame Fiona Caldicott, the UK government decided to pull the plug on, a controversial NHS initiative to store all patient data on a single database. This may seem like a victory for data-privacy advocates, but NHS data-sharing initiatives are still being planned and the goalposts are being moved on patient consent.”
Find article here.

US Healthcare records offered for sale online

BBC, 27 June 2016
Source: BBC News
“Three US healthcare organisations are reportedly being held to ransom by a hacker who stole data on hundreds of thousands of patients. The hacker has also put the 650,000 records up for sale on dark web markets where stolen data is traded. Prices for the different databases range from $100,000 (£75,000) to $411,000.”
Find article here.

Access to core information critical to e-health record success

AMA, statement 16 June 2016
“Doctors and other health workers need to have access to core clinical information in electronic medical records if the Federal Government’s My Health Record system is to deliver an improvement in patient care, the AMA has said. Releasing the AMA’s updated Position Statement, Shared Electronic Medical Records 2016, today, AMA President Dr Michael Gannon said that giving patients the ability to block or modify access to critical information such as medications, allergies, discharge summaries, diagnostic test results, blood pressure and advance care plans compromised the clinical usefulness of shared electronic medical records loaded on the My Health Record system.”
Find statement here.

Did Google’s NHS patient data deal need ethical approval?

New Scientist, 25 May 2016
Author: Hal Hodson
“Google’s artificial intelligence company DeepMind has access to the identifiable personal medical information of millions of UK patients through a data-sharing agreement with the Royal Free London NHS Foundation Trust. Later, DeepMind deployed a medical app called Streams for monitoring kidney conditions without first contacting the relevant regulatory authority. DeepMind’s partnership with the Royal Free provides it with fully identifiable information – including names, addresses and details of medical conditions – for the 1.6 million patients treated at Barnet, Chase Farm and the Royal Free each year. It also includes complete data on all patients treated by the trust in the past five years.”
Find article here.

Telstra wins contract to manage your health records

SMH, 26 May 2016
Author: Mark Kenny
“The Australian government is pushing ahead with plans to place sensitive medical records under corporate management and will announce on Thursday that Telstra Health – a division of Telstra – has been awarded the contract to manage a new national cancer screening register from next year. The contract signals an end to a series of smaller registries managed on a not-for-profit basis. The novel foray into medical information management by the telecommunications giant could be unpopular with patients raising concerns about privacy and security, and even raising questions over the extent of legal protection under Australian law if data is stored or transmitted offshore.”
Find article here.

Computer error may have led to incorrect prescribing of statins to thousands of patients

BMJ 2016;353:i2742
Author: Gareth Iacobucci
“Thousands of patients in England may have been incorrectly prescribed or taken off statins because of a major IT glitch. The Medicines and Healthcare Products Regulatory Agency (MHRA) has launched an investigation after a fault was discovered with the digital QRISK2 calculator in SystmOne, run by TPP, which assesses cardiovascular risk. The MHRA said that a third of GP surgeries in England may have been affected…”
Find extract here.

Healthcare Portals, Patient Photos Pose Possible Data Security Gaps

Information Management, 19 April 2016
Author: Joseph Goedert
“As the healthcare industry continues to confront cybersecurity threats and seek ways to improve defenses, it must consider every avenue that might lead to access to patient information. Some potential gaps are not as obvious. For example, there is a potential security gap within the patient portals that providers are offering to patients. Another security worry is the lack of attention to securing digital photos of patients taken in a hospitals.”
Find article here.

Hackers demand ransom to release encrypted US medical records

BMJ 2016;353:i1876
Author: Owen Dyer
“Hackers have shut down the computers of MedStar, the principal healthcare provider in Washington, DC, and surrounding areas, and are warning that millions of medical records will be lost forever 10 days hence if the healthcare group does not pay a ransom of 45 bitcoins, roughly $19?000 (£13?000; €16?500). It is the third attack by “ransomware” hackers on US hospitals in recent weeks, and the highly vulnerable industry, known for poor computer security, fears that it could signal a new trend.”
Find extract here.