The digital health space refers to the integration of technology and health care services to improve the overall quality of health care delivery. It encompasses a wide range of innovative and emerging technologies such as wearables, telehealth, artificial intelligence, mobile health, and electronic health records (EHRs). The digital health space offers numerous benefits such as improved patient outcomes, increased access to health care, reduced costs, and improved communication and collaboration between patients and health care providers. For example, patients can now monitor their vital signs such as blood pressure and glucose levels from home using wearable devices and share the data with their doctors in real-time. Telehealth technology allows patients to consult with their health care providers remotely without having to travel to the hospital, making health care more accessible, particularly in remote or rural areas. Artificial intelligence can be used to analyze vast amounts of patient data to identify patterns, predict outcomes, and provide personalized treatment recommendations. Overall, the digital health space is rapidly evolving, and the integration of technology in health

Friday, September 5, 2014

HHS: Federal Exchange Site Hacked, No Personal Data Stolen



The inevitable 'hack' occured in July according to HHS officials.  It involved the Federal Health Insurance Exchange, health.gov .

On Thursday, HHS officials announced that a hacker in July breached part of HealthCare.gov and uploaded malicious software, the Wall Street Journal reports (Yadron, Wall Street Journal, 9/4).
A team of investigators discovered the breach on Aug. 25 during a routine security scan. I suppose HHS and federal IT infrastructure have their own "Malwarebytes" to detect and clean their systems,  regularly.  I know that good IT practices require this type of routine maintenance.
Perhaps the hackers broke in to see if they could improve health.gov for the Dept. of HHS. I am sure many were willing to help there.  Probably any videogamer could improve the web site.  It's been a whole year for things to improve, and the next enrollment period begins in about one month.
According to an HHS official, the attack appears to be the first successful breach of the website, through which millions of U.S. residents have purchased health insurance coverage since fall 2013.

Details of the Hack



Investigators found no evidence that enrollees' personal data were taken in the attack. Rather, the hacker accessed a server used to test code for the website (Wall Street Journal, 9/4).
Common malware was uploaded to the test server and designed to incapacitate other websites, a method often referred to as a "denial of service" attack. Government officials say the malware was not intended to steal consumers' data (Viebeck/Hattem, The Hill, 9/4).
"Our review indicates that the server did not contain consumer personal information; data [were] not transmitted outside the agency, and the website was not specifically targeted," HHS said, adding, "We have taken measures to further strengthen security" (O'Donnell, USA Today, 9/4).
I feel relieved
It's about like someone breaking into your house and leaving a 'stink bomb' rather than taking your large screen T.V.

Reaction

Rep. Darrell Issa (R-Calif.) -- chair of the House Oversight and Government Reform Committee -- in a statement said the revelations were "unsurprising" amid previous concerns about the website's security. He added that the administration repeatedly had "dismissed concerns about the security of HealthCare.gov, even as it obstructed congressional oversight on the issue." Issa also called on CMS Administrator Marilyn Tavenner to testify alongside GAO officials before the committee on Sept. 18 (Hattem, The Hill, 9/4).
Meanwhile, Rep. Diane Black (R-Tenn.) called on the Senate to join the House in passing the Health Exchange Security and Transparency Act (HR 3811), which would require the federal government to notify individuals if their personal information has been breached (Black release, 9/4). (A one paragraph-regulations)  I thought that was already covered by HIPAA.
Let us hope that things will get better (don't hold your breath)


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)