Rochester, MI (PRWEB) February 14, 2013
Penetration testing performed by High Bit Security on a Midwestern medical facility dramatically illustrates the ease with which hackers can obtain Protected Health Information. (PHI)
“When High Bit Security tested the medical facility, we obtained access to patient medical records, including name, address, next of kin, social security numbers, medical history, driver’s license numbers, all Medicare, Medicaid, and insurance information, plus the physician’s signatures and narcotics ID,” said High Bit Security COO, Adam Goslin. “Obviously we would not disclose the name of the facility, but the administrator advised us that they had 20,000 patient records in their system at the time the test was performed.”
The Financial Impact of Breached Protected Health Information, a study published by the American National Standards Institute (ANSI) States on page 21: “A thief downloading and stealing data can get $50 on the street for a medical identification number compared to just $1 for a Social Security number. For those receiving the medical ID number and using it to defraud a health care organization, the average payout is more than $20,000,” according to Pam Dixon, executive director of the World Privacy Forum. "Compare that to just $2,000 for the average payout for regular ID theft.” *1*
“That translates to one million dollars in overall revenue to the hacker, and potentially $40 million dollars in costs to the system - in fraudulent claims and fake prescriptions, sometimes taking months to catch. It’s easy to see why even a small doctor office presents a juicy target. It is well known in the hacking community the value of certain types of information, traded in a classic underground economy,” continued Goslin.
Small wonder that the government is ste
Copyright©2012 Vocus, Inc.
All rights reserved