Zero in a bit

Last night our CTO and Co-Founder Chris Wysopal joined Fox Business’ The Willis Report to chat about medical record privacy in a segment titled “Digital Records Putting Your Health Information at Risk?” In the six minute segment Chris talks about “the dark side” of putting medical data online in cloud servers. Among the stats thrown around;

• 50% of doctors offices put customer data online,
• 80% of hospitals put customer data online,
• 21 million people had electronic records stolen in last 3 years,
• 94% of healthcare companies report data breaches.

Staggering numbers no doubt, you might be asking exactly how dangerous is this information? Health insurance fraud, financial identity theft, credit risk and even personal endangerment. If a someone undergoes a medical procedure under your identity, your medical records become flawed. In a scenario where you’re undergoing emergency procedures your records could say you’ve had your appendix out when in fact you haven’t. Beyond personal data privacy concerns are medical device security concerns, a topic we’ve previously touched upon. Wysopal on the subject says, “The medical device problem is particularly scary because you have these devices which were standalone and now you’re adding wireless functionality to them…so you can monitor these devices and connect to them. A lot of them weren’t designed with security in mind.” All of a sudden these devices that were designed to only be accessed physically in person are now being exposed to attackers online, Wysopal also adds to the commentary, “It’s also hard to fix these medical devices and update them because there’s such a long certification process..they aren’t like typical IT systems that you can patch in a few hours.” So what can you do to protect yourself?

1. Ask your health insurance company for a copy of your medical record and activities.
2. Pull your credit report at least once a year and verify all accounts and activity.

If you don’t recognize something on one of these two reports, raise a red flag immediately starting with your healthcare provider. Check out the full video here for more great information.

Nothing’s free in this world, especially not when it comes to security. With Twitter officially cramping your style, you are now forced you to waste precious seconds you could be tweeting, by instead waiting for a verification code to be delivered to your phone just so you can login. The thing about options is that you have them…and options tend to let people remain lazy. Options also carry consequences which never make sense until they actually happen to you. That being said, Twitter gives you the option to activate two-factor authentication, but first…you are going to have to link a phone-number to your account. As the plot thickens, it also doesn’t yet scale for those with the biggest targets on their backs. Media outlets cannot afford to sacrifice the coverage they get with multiple users on staff for a little bit of security….but this is only the first round from Twitter, as they have informed us all to “Stay tuned”. So maybe it is less likely we will be seeing tweets announcing Justin Bieber’s birth to Siamese monkey twins at the Anne Frank House in the coming weeks, but knowing your Twitter account is (more) secure is worth it, right? I know we all love the instant gratification that comes from the massive amount of irrelevant nonsense Twitter delivers around the world; the very concept of a tweet is that thoughts and opinions (assuming they are <140 characters) are available to all of your loyal followers just as quickly as you can get them out. Keep fighting the good fight my friends. Until next time, “help us, help you”.