Manage My Health Data Breach

[Techli]

Stuff

www.stuff.co.nz

This has got me thinking - for all those out their with RMM software - what if someone was able to access/hack those systems for malicious purposes, if you've given this some thought what have you used to make your decisions and reduce not only your risk but the risk to the companies your supporting and of course liability?

 

[DRPCNZ]

Whats gets me is how quiet everyone has been with this. All I have heard is that they are investigating, been nothing released about what sort of data may have been compromised. Doctors have not even been informed.

 

[britechguy]

It doesn't surprise me that things about this "have been quiet." That article doesn't state when the compromise occurred, and across how many hours or days, but it can often take weeks to months of forensic analysis to determine what, exactly, was compromised.

I've been part of two large data breaches here in the USA in the past, one with Anthem (one of our major health insurance companies) back in 2015 and another in 2017, with Equifax, one of the three "big players" in the credit reporting industry (and where the unauthorized access lasted several months).

It takes a while to figure out what is in hands that shouldn't have it, and at least on this side of the big pond, when this sort of thing happens the company where it happened typically offers between one and five years of identity protection monitoring. Nothing appears to have come to anything with my personal data, as the shelf life for this sort of thing is finite (even if the data itself isn't) and I had no adverse events afterward. But I did put freezes on all of my credit accounts at each of the three big credit reporting agencies, and one smaller one, to prevent anyone from even attempting to open any new lines of credit in my name.

 

[GTP]

My GP Practice gets annoyed when I call to book appointments over the phone. I'm "tying up resources" apparently. Instead, they insist I use the "HotDoc" app.
I’ve refused - and will continue to refuse - to use this app. If phone bookings are ever completely blocked, I’ll simply drive to the surgery and book in person.

My objection isn’t just preference: the app requires that I grant permission for them to access ALL medical and personal history just to book a simple appointment. That’s excessive, unnecessary, and a real privacy concern considering the amount of breaches that are occurring now.

I think patients should have a choice - booking an appointment shouldn’t come at the cost of handing over every detail of their personal life to a company that can/will share with third parties and worse when they get hacked!

No, just no!

 

[Techli]

Exactly - i got asked to provide my real DOB to a company who didn't need access to that information - after a quick "Trust" search i declined their request and gave a blatant false DOB, eventually i was able to continue as it met their requirement - that reminds me i got caught in an official NZ Survey which required about 30 mins every 1/4 to answer their questions (legal requirement no way out) and when it came to the DOB question and i was told that i had to provide 1 i asked "does it have to be accurate?" the poor person at the other end went away and said there was nothing specific about providing a false DOB so naturally i gave them a magical DOB - Now the funny part is that sometimes they would get my wife who would then give the correct DOB and then the next time they got me i would change it randomly. One of the conversations went like this "So your son is older than you by 10 years and your in your 90's ?"