Practical Paranoia

Physicians serve patients with care, compassion and respect. Key to respect is privacy protection. Its loss can negatively impact health every bit as much as diagnostic or therapeutic harms.

Unfortunately, health information is increasingly attractive to criminals. It can be stolen and held for ransom or for re-selling to the highest bidder. And criminals learned long ago that technical and security hacks are not worth the effort. The easiest way breach a fortification is to simply walk through the front door with a user's trusted credentials. And the easiest way to get those is to dupe us into giving them up. Our greatest security vulnerability is neuron, not electron, based.

Thus the need for practical, purposeful paranoia. Physicians should adopt an attitude of universal mistrust when it comes to information sharing. Keep clinical content (of all types) to secured clinical information systems. Never accept requests for logon credentials.

And so on. We could list many do's and don'ts. But that would miss the point. New neuron-targeted tricks are inevitable. The goal is to protect against what will appear on future lists.

We'll be revisiting this topic frequently, sharing learnings from as many of our colleagues as possible. Please offer suggestions and questions to keep the paranoia alive!

No comments:

Post a Comment

Please feel free to contribute to discussion by posting comments here. For general suggestions, please use the link in the column to the right.