Foreign hackers, primarily from Russia and China, are increasingly seeking to steal Americans’ health care records, according to a Department of Homeland Security analyst.
Mark Walker, who works in DHS’ Critical Infrastructure Protection Division, told a workshop audience at the National Institute of Standards and Technology that the hackers’ primary motive seems to be espionage.
“They’ve been focused on the [Department of Defense] – the military – but now are spreading out into the health care private sector,” Walker said.
Early in 2007, a virus was placed on a Centers for Disease Control and Prevention Web site, he said, and in April a Military Health System server holding Tricare records was hacked.
Walker said the hackers are seeking to exfiltrate health care data. “We don’t know why,” he added. “We want to know why.” At the same time, he said, it’s clear that “medical information can be used against us from a national security standpoint.”
Any health problems among the nation’s leaders would be of interest to potential enemies, he said.
DHS is increasing its analysis staff to monitor threats in several industries, including health care, and will be issuing more alerts about cyberthreats to health care data, he said.
Walker urged the audience to report data breaches to the authorities. Only the Veterans Affairs Department consistently reports health data breaches, he said. As a result, he added, “our understanding of the cyberthreat to health and human services is vague at this point.”
DHS wants to build a database of health information system intrusions so it can better analyze the threats and develop countermeasures, Walker said.
He said poor security practices among those who use health information systems and disgruntled employees are as much of a threat as cyber intruders.
From the battlefield to the home front: Managing medical data
Government Health IT presents Col. Claude Hines Jr., program manager for the Defense Health Information Management System, in this recent InSight eSeminar. Col. Hines discusses the health information technology and tactical challenges faced by the military medical community in Iraq, Afghanistan and other areas of conflict. In doing so, he describes the current information technology solutions for transferring clinical data between battlefield care givers to health care personnel at military treatment facilities worldwide.
